---

==Phrack Classic== Volume Three, Issue 33, File #1 of 10 Phrack Classic Newsletter Issue XXXIII Index %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% September 1, 1991 Yes, Phrack is still alive. I know this should have come out about a year ago, but I wanted to sit back and watch how the computer underground has changed since I was a part of it years ago. I know now what is out there and will continue to bring Phrack to it. I will soon have my BBS back up and EVERYONE is welcome to call it, since I will have the other Phrack up for downloading or if you just want to say hi. For the time being, you can submit articles and news to CDEATH@Stormking.COM - the next Phrack will be out when I get enough articles to make another issue. Hopefully that will not be another year. I would go on this big spiele about how much everything has changed, blah, blah... but I am going to save that for a future file. :-) Well, I guess thats my two cents worth. Phrack 34 WILL be bigger, think of this as a getting back into the swing of things issue. Bye for now. Note: I would like to thank The Byter for his Celerity BBS program. Be on the lookout for Free Speech BBS running Celerity and being in the Celerity Network! Thanks again Byter! Crimson Death Editor of Phrack Classic _______________________________________________________________________________ Table of Contents: 1. Phrack Classic XXXIII Index by Crimson Death 2. Phrack Classic Spotlight featuring Shooting Shark by Crimson Death 3. How to Access Bankruptcy Information by The Butler 4. LOD/H and the Occult by Frater Purdurabo 5. A Hacker's Guide to the Internet by The Gatsby 6. Social Security Numbers by Private Citizen 7. FEDIX On-Line Information Service by P.H.R.A.C.K 8. Toll Fraud by AT&T 9. Knight Line II/Part 1 by Crimson Death 10. Knight Line II/Part 2 (Special File on Cyberview '91) by Bruce Sterling _______________________________________________________________________________ ==Phrack Classic== Volume Three, Issue 33, File #2 of 10 ==Phrack Classic Spotlight== This spotlight will be on a person which most of you should be familiar with. Most of you will remember his 'famous' file in LOD/H Tech Journal #1. I can remember that file spawning hundred's of Unix wanna-be hackers into trying to create their own crypt-compare hacker. This of course is... Shooting Shark ~~~~~~~~~~~~~~ Personal ~~~~~~~~ Handle: Shooting Shark Call him: 'Shark' will do. Past handles: None Handle origin: It's the title of the 3rd song on "Revolution By Night," which many consider to be Blue Oyster Cult's last good album. Date of Birth: 11/25/66 Age at current date: 24 Approximate Location: San Francisco Bay Area. Height: 5'10" Weight: 150 lbs. Eye color: Hazel Hair Color: Dark Brown Computers: First: Apple //e. Presently: ALR Business V EISA 386/33. ------------------------------------------------------------------------------ The Story of my Hacking Career: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In 1984 I was lucky enough to be a Senior at a high school that had one of the pilot "Advanced Placement Computer Science" classes. I didn't know much about computers at the time, but I had a strong interest, so I signed up. "Advanced Placement Computer Science" meant programming in Pascal using the UCSD P-System on the newly-released Apple //e. I wasn't too crazy about programming in Pascal - does ANYBODY really like Pascal? - but I did enjoy the software piracy sessions that the class had after school and, much of the time, during class when the Instructor was lecturing about DO WHILE loops or something equally fascinating. Some of our favorite games at the time were ZORK II and what I still consider to be the best Apple ][ game ever, RESCUE RAIDERS. A few months into the school year, I somehow convinced my mother to buy me my very own Apple //e, with an entire 64K of RAM, a monochrome monitor, and a floppy drive. The first low-cost hard drive for the Apple ][, the Sider, was $700 for 10Mb at the time, so it was out of the question. Now at about this time, Coleco was touting their Adam add-on to the ColecoVision game unit, and they had these great guilt-inducing advertisements that had copy something like this: TEACHER: "I want to talk to you about Billy. He's not doing very well in school. He just doesn't seem to understand new concepts as well as the other kids. All he does is sit there and pick his nose." CONCERNED FATHER: "Well, golly, I just don't know what to do. It's probably because his mother drank so much when she was pregnant." TEACHER: "Have you considered getting Billy a computer?" And of course the next scene showed little Billy inserting a tape cartridge into his new Adam and pecking his way to higher grades. Such was not the case with me when I got MY computer. All I did was go home after school and play "Wizardry." I stopped doing homework. I failed 3 out of 6 classes my last semester of my Senior year of high school. Luckily enough, I had already been accepted to the local state University, so it didn't really matter. Shortly before graduating, I took the AP Computer Science test and got the minimum passing score. (I didn't feel so bad when Sir Francis Drake later told me that he failed it. Then again, he completed all the questions in BASIC.) Worse yet, "Wargames" came out around this time. I'll admit it - my interest in hacking was largely influenced by that film. Sooo, shortly after I (barely) graduated from high school, I saved up my money and bought a - get this - Hayes MicroModem //e. It was only something like $250 and I was in 300 baud heaven. I started calling the local "use your real name" BBSs and shortly graduated to the various small-time hacker BBSs. Note that 90% of the BBSs at this time were running on Apples using Networks, GBBS or some other variant. Few were faster than 300 baud. It was on one of these Apple Networks BBSs that I noticed some users talking about these mysterious numbers called "800 extenders." I innocently inquired as to what these were, and got a reply from Elric of Imrryr. He explained that all I needed to do was dial an 800 number, enter a six-digit code, and then I could call anywhere I wanted for FREE! It was the most amazing thing. So, I picked a handle, and began calling systems like Sherwood Forest ][ and Sherwood Forest ]I[, OSUNY, and PloverNet. At their height, you could call any of these systems and read dozens of new messages containing lots of new Sprint and extender codes EVERY DAY. It was great! I kept pestering my mentor, Elric, and despite his undoubted annoyance with my stupid questions, we remained friends. By this time, I realized that my Hayes MicroModem //e was just not where it was at, and saved up the $400 to buy a Novation Apple Cat 300, the most awesomest modem of its day. This baby had a sound generation chip which could be used to generate speech, and more importantly, DTMF and 2600Hz tones. Stupidly enough, I began blue boxing. Ironically, at this time I was living in the very town that Steve Wozniak and Steve Jobs had gotten busted in for boxing ten years previously. And THEN I started college. I probably would have remained a two-bit Apple hacker (instead of what I am today, a two-bit IBM hacker) to this day if a friend hadn't told me that it was easy to hack into the school's new Pyramid 90x, a "super mini" that ran a BSD 4.2 variant. "The professor for the C class has created a bunch of accounts, sequentially numbered, all with the same default password." he told me. "Just keep trying them until you get an account that hasn't been used by a student yet!" I snagged an account which I still use to this day, seven years later. At about this time, I called The Matrix, run by Dr. Strangelove. This was my first experience with Ken's FORUM-PC BBS software. Dr. Strangelove was a great guy, even though he looks somewhat like a wood mouse (and I mean that in the nicest possible way). DSL helped me build my first XT clone for a total cost of about $400. He even GAVE me a lot of the components I needed, like a CGA card and a keyboard. Shortly after that, The Matrix went down and was quickly replaced by IDI, run by Aiken Drum. It is here that I met Sir Francis Drake. Shortly after THAT, IDI went down and was quickly replaced by Lunatic Labs Unltd, run by my old friend The Mad Alchemist. TMA lived within walking distance of my house, so I called LunaLabs quite a bit. LunaLabs later became the home base of Phrack for a few issues. And so during this time I just got really into Unix and started writing files for Phrack. I wrote about six articles for Phrack and then one for the 2nd LOD Technical Journal, which featured a brute-force password hacker. I know, that sounds archaic, but this was back in 1984, and I was actually one of the few people in the hacker community that knew quite a bit about Unix. I've been told by several people that it was my LOD TJ article that got *them* into Unix hacking (shucks). I also wrote the original Unix Nasties article for Phrack, and on two occasions, when I was later heavily into massive Internet node hopping, I would get into a virgin system at some backwoods college like MIT and find *my file* in somebody's directory. THEN, in around 1987, I got a letter from the local FBI office. It was addressed to my real name and asked for any information I might wish to provide on a break-in in San Diego. I of course declined (even though they sent me more letters) but let's just say that I stopped doing illegal things at around that time. Also, being over 18 sort of stopped me, as well. I know..."what a weenie." So Lunatic Labs, now being run by The Mad Alchemist, became my exclusive haunt because it was a local board. When Elric and Sir Francis Drake took over the editorship of Phrack for a few issues, I wrote all their intro files. THEN my computer broke, and I let those days just fade away behind me. Occasionally, old associates would manage to find me and call me voice, much to my surprise. Somebody called me once and told me an account had been created for me on a BBS called "Catch 22," a system that must have been too good to last. I think I called it twice before it went down. Then Crimson Death called me, asked me to write a ProPhile, and here we are. What I'm Doing Now ~~~~~~~~~~~~~~~~~~ After two years in the Computer Science program in college, I switched my major to Theater Arts for three reasons: 1) Theater Arts people were generally nicer people, 2) Most CS students were just too geeky for me (note I said "most") and 3) I just couldn't manage to pass Calculus III! I graduated last year with a BA in Theater Arts, and like all newly graduated Theater majors, started practicing my lines, such as "Do you want fries with that?" and "Can I tell you about today's special?" However, I managed to have the amazing luck of getting a job in upper management at one of the west coast's most famous IBM video graphics card manufacturers. My position lets me play with a lot of different toys like AutoDesk 3D Studio and 24-bit frame buffers. A 24-bit image I created was featured on the cover of the November 1990 issue of Presentation Products magazine. For a while I was the system administrator of the company's Unix system, with an IP address and netnews and the whole works. Now I'm running the company's two-line BBS - if you can figure out what company I work for, give it a call and leave me some mail sometime. I'm also into MIDI, and I've set my mother up with a nice little studio including a Tascam Porta One and a Roland MT-32. I was an extra in the films "Patty Hearst" (with The $muggler) and "The Doors" (for which I put in a 22-hour day at the Warfield Theater in San Francisco for a concert scene that WAS CUT FROM THE #*%& FILM) and I look forward to working on more films in a capacity that does not require me to wear bell-bottoms. I've also acted in local college theater and I'll be directing a full-length production at a local community theater next year. I like to consider myself a well-rounded person. Oh yeah. I also got married last October. People I Have Known ~~~~~~~~~~~~~~~~~~~ Elric of Imrryr - my true mentor. He got me into the business. Too bad he moved to Los Angeles. The late Shadow 2600 - early in my career he mentioned me and listed me as a collaborator for a 2600 article. That was the first time I saw my name in print. Oryan QUEST - After I had my first Phrack article published, he started calling me (he lived about 20 miles away at the time). He would just call me and give me c0deZ like he was trying to impress me or something. I don't know why he needed me for his own personal validation. I was one of the first people to see through him and I realized early on that he was a pathological liar. Later on he lied about me on a BBS and got me kicked off, because the Sysop though he was this great guy. Sheesh. Sir Francis Drake - certainly one of the more unique people I've met. He printed a really crappy two-part fiction story I wrote in his WORM magazine. Shortly after that the magazine folded; I think there's a connection. David Lightman - never met him, but he used to share my Unix account at school. The Disk Jockey - he pulled a TRW report on the woman that I later ended up marrying. Incidentally, he can be seen playing basketball in the background in one scene of the film "Hoosiers." Lex - I have to respect somebody who would first publish my article in LOD TJ and then call me up for no reason a year later and give me his private Tymnet outdial code. Dr. Strangelove - he runs a really cool BBS called JUST SAY YES. Call it at (415) 922-2008. DSL is probably singularly responsible for getting me into IBM clones, which in turn got me my job (how many Apple // programmers are they hiring nowadays?). BBSs ~~~~ Sherwood Forest ][ and ]I[, OSUNY - I just thought they were the greatest systems ever. Pirate's Bay - run by Mr. KRACK-MAN, who considered himself the greatest Apple pirate that ever lived. It's still up, for all I know. The 2600 Magazine BBS - run on a piece of Apple BBS software called TBBS. It is there that I met David Flory. The Police Station - Remember THAT one? The Matrix, IDI, Lunatic Labs - three great Bay Area Forum-PC boards. Catch-22 - 25 Users, No Waiting! And, of course, net.telecom (the original), comp.risks, rec.arts.startrek... Memories ~~~~~~~~ Remember Alliance Teleconferencing? Nothing like putting the receiver down to go get something to eat, forgetting about it, coming back in 24 hours, and finding the conference still going on. Playing Wizardry and Rescue Raiders on my Apple //e until I lost the feeling in my fingers... Carding 13 child-sized Garfield sleeping bags to people I didn't particularly care for in high school... Calling Canadian DA Ops and playing a 2600Hz tone for them was always fun... Trashing all the local COs with The Mad Alchemist... My brush with greatness: I was riding BART home from school one night a few years ago when Steve Wozniak got onto my car with two of his kids. He was taking them to a Warriors game. I was the only person in the car that recognized him. He signed a copy of BYTE that I happened to have on me and we talked about his new venture, CL-9, the universal remote controller. (Do you know anybody who ever BOUGHT one of those?) ...And now, for the question: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Of the general population of phreaks you have met, would you consider most phreaks, if any, to be computer geeks?" Back in my Apple pirating days, I met quite a few young men who were definitely members of the Order of the Geek. However, I can count the number of true phreaks/hackers I have met personally on one hand. None of them are people I'd consider geeks, nerds, spazzes, dorks, etc. They're all people who live on the fringe and do things a bit differently - how many LEGAL people do you know that have a nose ring? - but they're all people I've respected. Well, let me take back what I just said. Dr. Strangelove looks kinda geeky in my opinion (my mother thinks he's cute, but then again she said that Sir Francis Drake is "cute" and when I told him that it bothered him to no end), but I consider him a good friend and a generally k-kool d00d. (I'm sure I'll be getting a voice call from him on that one...) The only phreak that I've ever taken a genuine disliking to was Oryan QUEST, but that was only because he was a pathological liar and a pest. Who knows, he might be a nice person now, so no offense intended, especially if he knows my home address. So, Anyway... Thanks for your time Shooting Shark. Crimson Death -------------------------------------------------------------------------------- ==Phrack Classic== Volume Three, Issue 33, File #3 of 10 H O W T O A C C E S S B A N K R U P T C Y I N F O R M A T I O N 1/29/91 In my article "The Art Of Investigation" in Phrack Classic 32, I mentioned how one could dig up information about someone using bankruptcy records. Well here is a file on how to do just that, ONLINE! Currently these services are free to the public. For ACES and PACER you have to apply for an ID and password. Call the particular court for a form to fill out. Remember to bullshit about who you are, etc... The most useful of these services is probably PACER. I will not go into how to use the system because if is very self explanatory. I will tell you that you can only search by last name and case #, there is a 10 minute time limit for each session, but, when you get cut off you can just call back for another 10 minutes, the system is not case sensitive. The Federal Court System is introducing new services and technologies designed to provide people outside the court (the public) with easier and better access to court information. ACES/ACOPS --- (Appellate Court Electronic Services / Appeals Court Opinion Posting System) An electronic bulletin board for the electronic dissemination of appellate court information. This service allows public users to view and transfer electronically published slip opinions, court oral argument calendars, court rules, notices and reports, and press releases. The Ninth Circuit Court of Appeals (San Francisco) was the first federal appellate court to offer this service since January 1, 1989. The Fourth Circuit (Richmond, Virginia) started offering the same service beginning on March 1, 1990. A comparable electronic bulletin service called CITE has recently been initiated (as of January 1, 1990) by the Sixth Circuit (Cincinnati, Ohio). PACER --- (Public Access to Court Electronic Records) A dial-in service from any personal computer, word processor, or other automation equipment that permits the retrieval of official electronic case information and court dockets in less than a minute. Since 1989 several U.S. District Courts offer this service, and more recently, the Fourth Circuit Court of Appeals (Richmond, Virginia), and various U.S. Bankruptcy Courts have begun offering similar services. To register for this service in a particular court, contact the appropriate clerk of court office. VCIS --- (Voice Case Information System) The use of a computer voice generation device (voice synthesizer) that reads back case information directly from the court's database in response to Touch-Tone telephone inquiries. This service is now operating in over twenty-five bankruptcy courts. For additional information about any of these services, please contact the appropriate court. FJC PUBLIC ACCESS PROJECT NUMBERS As of December 10, 1990 ACES U.S. Court of Appeals Ninth Circuit (415) 556-8620, 8647, 8648 Fourth Circuit (804) 771-2028, 2063 Sixth Circuit (513) 684-2842 PACER District Courts To Register Computer Arizona (602) 261-3547/-3854 (602) 261-4978 District of Columbia (202) 535-3508 (202) 523-5606 Georgia-Northern (FTS 841) (404) 331-6496 (404) 331-0259 Massachusetts (FTS 835) (617) 223-9817 (617) 223-4294 Texas-Western (FTS 730) (512) 229-4149 (512) 229-5241 Utah (FTS 588) (801) 524-5662 (801) 524-4221 Bankruptcy Courts California-Southern(FTS 895)(619) 557-6508 (619) 557-6875 Kansas (FTS 752) (316) 269-6486 (316) 269-6253,4,5 Maine (FTS 835) (207) 780-3482 (617) 565-6021,2,3 Massachusetts (FTS 835) (617) 565-6093/-8406 (617) 565-6021,2,3 New Hampshire (FTS 835) (603) 666-7783/-7530 (617) 565-6021,2,3 Oregon (FTS 423) (503) 326-5198 (503) 326-7450 Rhode Island (FTS 835) (401) 528-4465 (617) 565-6021,2,3 Texas-Western (FTS 730) (512) 229-5211 (512) 229-6262 U.S. Court of Appeals 4th Circuit (FTS 925) (804) 925-2213 (804) 771-8084 VCIS Bankruptcy Courts Arkansas-Eastern & Western (FTS 740) (501) 378-5770 California-Southern (FTS 895) (619) 557-6521 Illinois-Central (FTS 955) (217) 492-4550 Illinois-Central (Only for in-state calls) 1-800-827-9005 Florida-Southern (FTS 350) (305) 536-5979 Kansas (FTS 752) (316) 269-6668 Kansas (Only for in-state calls) 1-800-827-9028 Louisiana-Eastern (FTS 682) (504) 589-3951 Louisiana-Western (FTS 493) (318) 226-5678 Maine (FTS 833) (207) 780-3755 Massachusetts (FTS 835) (617) 565-6025 Michigan-Western (FTS 372) (616) 456-2075 Mississippi-Northern (601) 369-8147 Missouri-Western (FTS 867) (816) 842-7985 New Hampshire (FTS 834) (603) 666-7424 New Jersey (FTS 341) (201) 645-3098 New York-Eastern (FTS 656) (718) 852-5726 New York-Western (FTS 437) (716) 846-5311 North Carolina-Middle (FTS 699) (919) 333-5532 Oklahoma-Eastern (918) 756-8617 Oregon (FTS 423) (503) 326-2249 Pennsylvania-Eastern (215) 597-2244 Rhode Island (FTS 838) (401) 528-4476 South Carolina (FTS 677) (803) 765-5211 Texas-Eastern (214) 592-6119 Texas-Western (FTS 730) (512) 229-4023 Virginia-Eastern (FTS 925) (804) 771-2736 Washington-Western (FTS 399) (206) 442-8543/-6504 West Virginia-Southern (FTS 930) (304) 347-5337 If you have any questions regarding this information I can be reached on the RIPCO BBS. The Butler... -------------------------------------------------------------------------------- ==Phrack Classic== Volume Three, Issue 33, File #4 of 10 -----*****)))))21(((((*****----- + + + The Legion of Doom + + and + + The Occult + + + + Frater P.D.D.C.F, LOD + + + -----*****)))))21(((((*****----- From its explosive beginnings in the summer of 1984 to the present day, the group known as "The Legion of Doom" has been enshrouded in secrecy. Now that our numbers have been corrupted, and the hope of once regaining the immense power we wielded over the years has faded, we offer to the last remaining fragments of the underground from which we arose the secret knowledge that kept our members at the apex of knowledge and beyond the grasp of security officials. It is our hope that through wide circulation of this material that perhaps some future enthusiasts will seek the truth from within, and gain the knowledge and wisdom necessary to endure the trauma of illumination. HISTORY Initially, the idea of combining modern technology with ancient wisdom was formulated as a type of joke. One particular system was proving extremely difficult to penetrate. One member remarked rather off-handedly, "Why not ask the Ouija board for passwords?" This was laughed about for several minutes but ultimately it was decided that it should be tried. Two members set up the board and began concentrating on the computer system in question. After several minutes an entity was contacted. When asked what the root password was on the UNIX system we had discovered, it answered "rambo". "Rambo" was the password. Several more trials were done, and more than two thirds of them ended with positive results. It was decided at this time that there should be an inner order to the Legion of Doom for those members who shared an interest in learning more about the occult and its uses in a hacking forum. At that time it was decided that there would be seven members admitted. From that time forth, there have always been seven members. The circle will be broken upon the incarceration of our initiates in the coming new year, and our control over the planes will be lost. What follows are several steps to increasing one's knowledge of the occult and use of this information in a computer setting. OUIJA In our experience we have found that it is best to attempt this type of communication with two persons. It is extremely important that one not attempt to contact an entity using the Ouija alone. When there is only one psyche involved, the spirit can fixate on it with great ease and the chances for possession or extreme mental duress is quite high. Sit facing a partner with the Ouija touching each lap. Each person should keep one hand on the planchet and the other on the computer keyboard. While concentrating on contact, make the necessary steps to connect to the system desired to ask about. Once connection has been established with the host system, begin asking the surroundings, "Is there anything that wishes to talk with us?" One may have to concentrate and repeat the question for several minutes. When an entity moves onto the board one may feel a slight tingling in one's fingertips as the planchet moves around the board. Once is has been asserted that there is a strong presence on the board, ask of it any question desired. *** The above is a simple enough method and can (and should) be tried by all. What follows is more complex and should not be attempted with any degree of levity. STEPS TO ENSURE SUCCESS WHILE HACKING To enjoy a great deal of success while hacking the following steps must be taken. 1. Always hack in the same room, at the same time of day. 2. Always purify mind and body before hacking. This would include a ritual bath and sexual abstinence and fasting for at least 12 hours prior to any attempt. One may wish to design a Tau robe to wear during attempts, or in any case a set of clothing specifically for hacking attempts that would symbolize such a garment. 3. Perform the Lesser Banishing Ritual of the Pentagram (See below). 4. Perform the Rose Cross Ritual (See below). 5. Perform a candle burning to attract good luck. By following these steps one will experience success and fulfillment greater than imagined possible. LBRP 1. Touch forehead, and say deeply "Ah-Tah". 2. Point down, hand over abdomen, say deeply "Mahl-Koot". 3. Touch right shoulder, say deeply "Vih-G'boo-Rah". 4. Touch left shoulder, say deeply "Vih-G'doo-Lah". 5. Fold hands at chest, say deeply "Lih-Oh-Lahm, Ah-Men". 6. Face East, Draw a pentagram in the air, point to its center, say deeply "Yud-Heh-Vavh-Heh". 7. Turn South, keeping line from first pentagram, draw new pentagram, point to its center, say deeply "Ah-Doh-Nye". 8. Turn West, repeat as above, but say deeply "Eh-Heh-Yeh". 9. Turn North, repeat as above, but say deeply "Ah-Glah". 10. Turn East, carrying line to complete circle. 11. Hands out, say "Before me Rah-Fay-El, Behind me Gabh-Ray-El, On my right hand Mih-Chai-El, And on my left hand Ohr-Ree-El. For about me flames the pentagram, and within me shines the six rayed star. 12. Repeat steps 1-5. (For those concerned, the translations of the above are as follows: Ah-Tah: Thine Mahl-Koot: Kingdom Vih-G'Boo-Rah: and the power Vih-G'Doo-Lah: and the glory Lih-Oh-Lahm: forever Ah-Men: Lord, Faithful King (AMEN=acronym) Yud-Heh-Vavh-Heh: The Holy Tetragrammaton Ah-Doh-Nye: My Lord Eh-Heh-Yeh: I shall be Ah-Glah: Thou art great forever, my Lord (AGLA=acronym) Rah-Fay-El ( Gahb-Ray-El Names of Arch-angles Mih-Chai-El ( Ohr-Ree-El ( When the steps read "say deeply" one should try to resonate the words, from the diaphragm, so that the body actually feels the words. ROSE CROSS RITUAL 1. Light a stick of incense. 2. In the SE corner of the room, looking away from the center, draw a large cross in the air with incense, and intersect its sides with a circle (like a Celtic cross, or crosshairs in a gun sight), point the tip of the incense to the center of the cross and say deeply "Yeh-Hah-Shu-Ah". 3. Move to the SW corner of the room, keeping the line from the first cross, repeat as above. 4. Move to the NW, repeat as above. 5. Move to the NE, repeat as above. 6. Move to the SE to complete the circle. 7. Face NW, incense pointed up, walk to the center of the room, continuing the line, make the rose cross above the center of the room, speak the name, then continue moving NW, connect the line to the center of the cross in the NW. 8. Move back to the SE, incense pointed down, stop in the center and draw the rose cross in the center of the room on the ground, speak the name, then continue on SE, connecting the line to the center of the cross in the SE. 9. Point to the center of the SE cross and speak the name. 10. Walk to the SW corner. 11. With the incense pointed upwards, walk to the NE, at the center of the room stop and speak the name, then continue on to the NE, once at the NE, face the SW and walk back to the SW, incense pointed down, at the center of the room speak the name, and continue on to the SW. 12. Point to the center of the SW cross and move clockwise to each corner, again connecting the centers of each cross. 13. Once back at the SW corner, remake the cross as large as possible and speak the name "Yeh-Hah-Shu-Ah" while forming the bottom of the circle, and speak the name "Yeh-Hoh-Vah-Shuh" when forming the top half of the circle. 14. Go to the center of the area, face east, and think of the six rose crosses surrounding the room. Think of them as gold, with red circles, and the lines connecting them as gleaming white. CANDLE BURNING RITUAL 1. Obtain a green candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "JIHEJE" on the candle. 5. Light the candle. 6. Read aloud the fourth Psalm. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. 9. Repeat 6 through 8 two more times. THE GEMATRIA OF TELEPHONE NUMBERS Some in our order have found insight by reflecting on the various meanings that can be derived from the numerical values of telephone numbers using the Cabalistic method of numerology. Those that use this method have focused on one particular method of number determination: Example: 800-555-1212 800 = 400 + 300 + 100 555 = 400 + 100 + 50 + 5 121 = 100 + 20 + 1 2 = 2 One can also obtain other numbers for contemplation by the following method: 800-555-1212 = 8 + 0 + 0 + 5 + 5 + 5 + 1 + 2 + 1 + 2 = 29 = 2 + 9 = 11 = 1 + 1 = 2 All of the above values are related. A total contemplation of the meanings of all values will lead to a more complete understanding of the true meanings. These numbers each correspond to a particular Hebrew letter and word, as well as a card in the Major Arcana of the Tarot. The following is a table to be used for the above. 1 Aleph Ox 0-The Fool 2 Beth House I-The Magician 3 Gimel Camel II-The High Priestess 4 Daleth Door III-The Empress 5 Heh Window IV-The Emperor 6 Vav Nail V-The Hierophant 7 Zayin Sword VI-The Lovers 8 Cheth Fence VII-The Chariot 9 Teth Serpent VIII-Strength 10 Yod Finger IX-The Hermit 20 Caph Palm of hand X-The Wheel of Fortune 30 Lamed Whip XI-Justice 40 Mem Water XII-The Hanged Man 50 Nun Fish XIII-Death 60 Samech Arrow XIV-Temperance 70 Ayun Eye XV-The Devil 80 Peh Mouth XVI-The Tower 90 Tzaddi Hook XVII-The Star 100 Qoph Back of head XVIII-The Moon 200 Resh Head XIX-The Sun 300 Shin Tooth XX-Judgement 400 Tau Cross XXI-The World One may wish to further research numbers by taking particular groupings and cross referencing them in the "Sepher Sephiroth" which can be found in "The Qabalah of Alister Crowley." OTHER CANDLE BURNING RITUALS Should one come into conflict with authorities for any reason, any or all of the following will prove useful. To gain favor with authorities 1. Obtain a purple candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "JASCHAJAH" on the candle. 5. Light the candle. 6. Read aloud the fifth Psalm. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. To obtain favors from important people 1. Obtain a green candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "PELE" on the candle. 5. Light the candle. 6. Read aloud the thirty-fourth Psalm. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. For favor in court cases 1. Obtain a purple candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "JAH" on the candle. 5. Light the candle. 6. Read aloud the 35th and 36th Psalms. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. To regain credibility after being defamed by enemies 1. Obtain a purple candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "ZAWA" on the candle. 5. Light the candle. 6. Read aloud the 41st, 42nd, and 43rd Psalms. 7. Pray for the desired outcome after reading each Psalm. 8. Concentrate on the desired outcome. 9. Repeat 6 through 8 two more times. 10. Repeat for three days To help release one from imprisonment 1. Obtain a purple candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "IHVH" on the candle. 5. Light the candle. 6. Read aloud the 71st Psalm. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. For help in court cases 1. Obtain a purple candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "IHVH" on the candle. 5. Light the candle. 6. Read aloud the 93rd Psalm. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. To gain favor in court cases 1. Obtain a purple candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "LAMED" on the candle. 5. Light the candle. 6. Read aloud the 119th Psalm, verses 89-96. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. To gain favor in court 1. Obtain a purple candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "IHVH" on the candle. 5. Light the candle. 6. Read aloud the 120th Psalm. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. To gain favor when approaching a person of authority 1. Obtain a purple candle 2. Anoint the top of the candle with olive oil and rub it downward to the middle of the candle. 3. Anoint the bottom of the candle with the oil and rub it upwards to the center. 4. Carve the letters "IHVH" on the candle. 5. Light the candle. 6. Read aloud the 122nd Psalm. 7. Pray for the desired outcome. 8. Concentrate on the desired outcome. ***Each candle can only be used for one particular purpose. One must prepare a new candle for each ritual. ASTRAL CONFERENCING Some of our number after having found it quite difficult to contact other members took a new approach to astral projection. Astral conferencing became the spiritual counterpart to AT&T's Alliance Teleconference. Members would arrange to meet at a given time and would relay any necessary information during these sessions. This type of communication was made the standard due to its legality, its speed, and the impossibility of interception by federal authorities. To attempt this type of psychic travel, it is advised that the seeker look elsewhere for instruction on building his or her own psychic powers, and slowly moving upwards to the complexities of travel on the Astral Plane. One must learn to stand before learning how to run. WARNINGS ABOUT ABUSES OF POWER Some members have taken their interests to the extreme. There was talk some years ago about blood offerings to obtain knowledge in dealing with the TRW credit system. This was a complete failure which was done with out knowledge by others in the order. It is written in Isaiah: 1:11 "I am full of the burnt offerings of rams, and the fat of fed beasts; and I delight not in the blood of bullocks, or of lambs, or of he goats." 66:3 "He that killeth an ox is as if he slew a man" Those who committed the above offering suffered greatly for their deed, for such is an abomination before the Lord. It is wise to learn from their mistakes. Other members have attempted such obscure measures as psychic data corruption, ala Uri Geller. These attempts saw little success, and left those attempting the feats psychically exhausted and drained for nearly a week. Other members have attempted to thwart enemies such as the Secret Service, the FBI, journalists such as Richard Sandza, and individuals such as John Maxfield though magical means. When the outcome desired was weak, the results were high, but when a member actually tried to bring about the demise of a Southern Bell Security official, the power of the spell reversed and the member was soon placed under surveillance by the Secret Service, nearly causing disaster for the entire group, and completely dissolving the power of the order. One may find that once such power is somewhat mastered, it is easy to take shortcuts and thereby miss safety precautions. One must never forget to take these precautions, for disaster looms at every junction. The three members linked to the above incident had become well versed in the magical system of Abra-Melin the Mage. The spell which turned should never have been used in the first place. The spell was designed to stop a person's heart and could only be carried out with the help of the evil spirit Belzebud. The Symbol L E B H A H E M A U S A B H A H was used, yet the full precautions to protect the invoker from the spirit were ignored, and Belzebud ran free to affect whatever he saw fit to affect. They had seen prior success in this system using a symbol to obtain knowledge of things past and future and were able to obtain a great deal of information from various computer systems. However, that particular spell is invoked by the Angels, and little precaution need be taken in that instance. That Symbol: M I L O N I R A G O L A M A L O G A R I N O L I M AN INTERESTING EXAMPLE OF OCCULT INFLUENCED HACKING One particular evening of Ouija ended with a DNIC and a plea to halt the operation of the system. When members connected to this system they were shocked to find that it was a UNIX belonging to the Ministry of Treasury in the Republic of South Africa. The system was networked to a number of other government systems. Several standard defaults were still unprotected, and root was gained in a matter of minutes. A debate ensued over whether or not to disrupt the system in protest of Apartheid, but the system was left unscathed on the premise that to cause malicious damage would only make things worse. CLOSING Once the doors to ancient knowledge have been opened, the knowledge found within is immense and incredibly powerful. Do not fear experimentation and exploration, but be mindful of the existence of God and the spirits, and respect their power. Use whatever means necessary to achieve desired goals, but at no times cause harm to any other person, and do nothing out of aggression. Whatever degree of energy is sent forth will come back, if one sends out positive energy, positive energy will flow back; the converse of this is equally valid. Diversify one's interests, develop the mind, seek out hidden and suppressed knowledge, and experience the beauty of the true nature of magic. Frater Perdurabo Deo Duce Comite Ferro Inner Order of LOD -------------------------------------------------------------------------------- ==Phrack Classic== Volume Three, Issue 33, File #5 of 10 @#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&#$%&@#$%&@#$%&@#$%&@#$%&@#$%&#@ # $ $ A % & @ @ Hacker's Guide # # $ $ to % % & & The Internet @ @ # # $ $ By: The Gatsby % % & &@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$&@#$%&@#$%&@#$%&@ @ # $ Version 2.00 ! AXiS ! 7/7/91 $ % & &@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$%&@#$&@#$%&@#$%&@#$%&@ 1 Index ~~~~~~~~~ Part: Title: ~~~~ ~~~~~ 1 Index 2 Introduction 3 Glossary, Acronyms & Abbreviations 4 What is The Internet ? 5 Where Can You Access The Internet 6 TAC 7 Basic Commands a TELNET command b ftp ANONYMOUS to a Remote Site c Basic How to tftp the Files d Basic Fingering 8 Networks You Will See Around 9 Internet Protocols 10 Host Name & Address 11 Tips and Hints 2 Introduction ~~~~~~~~~~~~~~~~ Well, I was asked to write this file by Haywire (aka. Insanity, SysOp of Insanity Lane), about Internet. Thus the first release of this file was in a IRG newsletter. Due to the mistakes of the last release of this file has prompted me to "redo" some of this file, add some more technical stuff and release it for AXiS. I have not seen any files written for the new comer to Internet, so this will cover the basic commands, the use of Internet, and some tips for hacking through internet. There is no MAGICAL way to hacking a UNIX system, i have found that brute force works best (Brute hacker is something different). Hacking snow balls, once you get the feel of it, it is all clock work from there. Well i hope you enjoy the file. If you have any questions i can be reached on a number of boards. This file was written for hackers (like me) who do not go to school with a nice Internet account, this is purely written for hackers to move around effectively who are new to Internet. The last part of this file is for people who know what they are doing, and want more insight. - The Crypt - - 619/457+1836 - - Call today - - Land of Karrus - - 215/948+2132 - - Insanity Lane - - 619/591+4974 - - Apocalypse NOW - - 2o6/838+6435 - <*> AXiS World HQ <*> and any other good board across the country..... Mail me on the Internet: gats@ryptyde.cts.com bbs.gatsby@spies.com The Gatsby 3 Glossary, Acronyms & Abbreviations ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ACSE - Association Control Service Element, this is used with ISO to help manage associations. ARP - Address Resolution Protocol, this is used to translate IP protocol to Ethernet Address. ARPA - defence_Advanced_Research_Project_Agency. ARPANET - defence Advanced Research Project Agency or ARPA. This is a experimental PSN which is still a sub network in the Internet. CCITT - International Telegraph and Telephone Consultative Committee is a international committee that sets standard. I wish they would set a standard for the way they present their name! CERT - Computer Emergency Response Team, they are responsible for coordinating many security incident response efforts. In other words, these are the guys you do not want to mess with, because they will make your life a living hell. They are the Internet pigs, but they do have real nice reports on "holes" in various UNIX strands, which you should get, they will help you a lot. CMIP - Common Management Information Protocol, this is a new HIGH level protocol. CLNP - Connection Less Network Protocol is a OSI equivalent to Internet IP DARPA - Defence Advanced Research Project Agency. See ARPANET DDN - Defence Data Network driver - a program (or software) that communicates with the network itself, examples are TELNET, FTP, RLOGON, etc ftp - File Transfer Protocol, this is used to copy files from one host to another. FQDN - Fully Qualified Domain Name, the complete hostname that reflects the domains of which the host is a part gateway - Computer that interconnects networks host - Computer that connected to a PSN. hostname - Name that officially identifies each computer attached internetwork. Internet - The specific IP-base internetwork. IP - Internet Protocol which is the standard that allows dissimilar host to connect. ICMP - Internet Control Message Protocol is used for error messages for the TCP/IP LAN - Local Area Network MAN - Metropolitan Area Network MILNET - DDN unclassified operational military network NCP - Network Control Protocol, the official network protocol from 1970 until 1982. NIC - DDN Network Information Center NUA - Network User Address OSI - Open System Interconnection. An international standardization program facilitate to communications among computers of different makes and models. Protocol - The rules for communication between hosts, controlling the information by making it orderly. PSN - Packet Switched Network RFC - Request For Comments, is technical files about Internet protocols one can access these from anonymous ftp at NIC.DDN.MIL ROSE - Remote Operations Service Element, this is a protocol that is used along with OSI applications. TAC - Terminal Access Controller; a computer that allow direct access to internet. TCP - Transmission Control Protocol. TELNET - Protocol for opening a transparent connection to a distant host. tftp - Trivial File Transfer Protocol, one way to transfer data from one host to another. UDP - User Datagram _Protocol UNIX - This is copyrighted by AT$T, but i use it to cover all the look alike UNIX system, which you will run into more often. UUCP - Unix-to-Unix Copy Program, this protocol allows UNIX file transfers. This uses phone lines using its own protocol, X.25 and TCP/IP. This protocol also exist for VMS and MS-DOS (Why not Apple's ProDOS ? I still have one!). uucp - uucp when in lower case refers to the UNIX command uucp. For more information on uucp read The Mentors files in LoD Tech. Journals. WAN - Wide Area Network X.25 - CCITTs standard protocol that rules the interconnection of two hosts. In this text file i have used several special charters to signify certain thing. Here is the key. * - Buffed from UNIX it self. You will find this on the left side of the margin. This is normally "how to do" or just "examples" of what to do when using Internet. # - This means these are commands, or something that must be typed in. 4 What is The Internet ? ~~~~~~~~~~~~~~~~~~~~~~~~~~ To understand The Internet you must first know what it is. The Internet is a group of various networks, ARPANET (an experimental WAN) was the first. ARPANET started in 1969, this experimental PSN used Network Control Protocol (NCP). NCP was the official protocol from 1970 until 1982 of the Internet (at this time also known as DARPA Internet or ARPA Internet). In the early 80's DARPA developed the Transmission Control Protocol/Internet Protocol which is the official protocol today, but much more on this later. Due to this fact, in 1983 ARPANet split into two networks, MILNET and ARPANET (both still being part of the DDN). The expansion of Local Area Networks (LAN) and Wide Area Networks (WAN) helped make the Internet connecting 2,000+ networks strong. The networks include NSFNET, MILNET, NSN, ESnet and CSNET. Though the largest part of the Internet is in the United States, the Internet still connects the TCP/IP networks in Europe, Japan, Australia, Canada, and Mexico. 5 Where can you access Internet ? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Internet is most likely to be found on Local Area Networks or LANs and Wide Area networks or WANs. LANs are defined as networks permitting the interconnection and intercommunication of a group of computers, primarily for the sharing of resources such as data storage device and printers. LANs cover a short distance (less than a mile), almost always within a single building complex. Normally having gateways to Internet, and in turn Internet the back bone to the area network, but one could argue this point. WANs are networks which have been designed to carry data calls over long distances (many hundreds of miles). Thus also being (for the same reasons LANs are) linked into the mix mash of PSN. You can also access Internet through TymNet or Telenet via gateway. But i do not happen to have the TymNet or Telenet a NUA now, just ask around. 6 TAC ~~~~~~~ TAC is another way to access internet, but due to the length of this part I just made it another section. TAC (terminal access controller) is another way to access Internet. This is just dial-up terminal to a terminal access controller. You will need to hack out a password and account. TAC has direct access to MILNET (a part of internet, one of the networks in the group that makes up internet). A TAC dial up number is 18oo/368+2217 (this is just one, there are full lists on any good text file board), and TAC information services from which you can try to social engineer a account (watch out their is a CERT report out about this, for more information the CERT reports are available at 128.237.253.5 anonymous ftp, more on that later), the number is 18oo/235+3155 and 1415/859+3695. If you want the TAC manual you can write a letter to (be sure an say you want the TAC user guide, 310-p70-74) : Defense Communications Agency Attn: Code BIAR Washington, DC 2o3o5-2ooo To logon you will need a TAC Access Card, but you are a hacker, so I am not counting on this (if you can get a card, you would get it from the DDN NIC). Here is a sample logon: Use Control-Q for help... * * PVC-TAC 111: 01 \ TAC uses to this to identify itself * @ #o 124.32.5.82 \ Use ``O'' for open and the internet * / address which yea want to call. * * TAC Userid: #THE.GATSBY * Access Code: #10kgb0124 * Login OK * TCP trying...Open * * Good Luck you will need it.... 7 Basic Commands, and things to do ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ a: Basic TELNET Commands Ok, you now have a account on a UNIX system which is a host on Internet, you can not access the world. Once on the UNIX system you should see a prompt, which can look like a '$', '%' of the systems name (also depending on what shell you are in, and the type of UNIX system). Now at the prompt you can do all the normal UNIX accounts, but when on a Internet host you can type 'telnet' which will bring you to the 'telnet' prompt. * * $ #telnet * ^ ^ | | | the command that will bring you to the telnet prompt | a normal UNIX prompt once this is done you should see this: * * telnet> * At this prompt you will have a whole different set of commands which are as follow (NOTE taken from UCSD, so this may vary from place to place). * * telnet> #help * * close close current connection * display display operating parameters * open connect to a site * quit exit telnet * send transmit special character * set set operating parameters * status print status information * toggle toggle operating parameters * ? to see what you are looking at now * close - this command is used to 'close' a connection, when multitasking or jumping between systems. display - this set the display setting, commands for this are as follow. ^E echo. ^] escape. ^H erase. ^O flushoutput. ^C interrupt. ^U kill. ^\ quit. ^D eof. open - type 'open [host]' to connect to a system * * $ #telnet ucsd.edu * or * * telnet> #open 125.24.64.32.1 * quit - to get out of telnet, and back to UNIX. send - send files set - echo - character to toggle local echoing on/off escape - character to escape back to telnet command mode The following need 'localchars' to be toggled true erase - character to cause an Erase Character flushoutput - character to cause an Abort Output interrupt - character to cause an Interrupt Process kill - character to cause an Erase Line quit - character to cause a Break eof - character to cause an EOF ? - display help information ? - to see the help screen b: ftp ANONYMOUS to a remote site ftp or file transfer protocol is used to copy file from a remote host to the one that you are on. You can copy anything from some ones mail to the passwd file. Though security has really clamped down on the passwd flaw, but it will still work here and there (always worth a shot). More on this later, lets get an idea what it is first. This could come in use full when you see a Internet CuD site that accepts a anonymous ftps, and you want to read the CuDs but do not feel like wasting your time on boards down loading them. The best way to start out is to ftp a directory to see what you are getting (taking blind stabs is not worth a few CuDs). This is done as follow: (the CuD site is Internet address 192.55.239.132, and my account name is gats) * * $ #ftp * ^ ^ | | | ftp command | UNIX prompt * * ftp> #open 192.55.239.132 * Connected to 192.55.239.132 * 220 192.55.239.132 FTP Server (sometimes the date, etc) * Name (192.55.239.132:gats): #anonymous * ^ ^ ^ | | | | | This is where you type 'anonymous' unless | | you have a account 192.55.239.132. | | | This is the name of my account or [from] | This is the Internet address or [to] * * Password: #gats * ^ | For this just type your user name or anything you feel like typing in at that time. * * % ftp 192.55.239.132 * Connected to 192.55.239.132 * ftp> #ls * ^ | You are connected now, thus you can ls it. Just move around like you would in a normal unix system. Most of the commands still apply on this connection. Here is a example of me getting a Electronic Frontier Foundation Vol. 1.04 from Internet address 192.55.239.132. * * % #ftp * ftp> #open 128.135.12.60 * Trying 128.135.12.60... * 220 chsun1 FTP server (SunOS 4.1) ready. * Name (128.135.12.60:gatsby): anonymous * 331 Guest login ok, send ident as password. * Password: #gatsby * 230 Guest login ok, access restrictions apply. * ftp> #ls * 200 PORT command successful. * 150 ASCII data connection for /bin/ls (132.239.13.10,4781) * (0 bytes). * .hushlogin * bin * dev * etc * pub * usr * README * 226 ASCII Transfer complete. * 37 bytes received in 0.038 seconds (0.96 Kbytes/s) * ftp> / \ this is where you can try to 'cd' the "etc" dir or just 'get' / /etc/passwd, but grabbing the passwd file this way is a dying art. \ But then again always worth a shot, may be you will get lucky. / * ftp> #cd pub * 200 PORT command successful. * ftp> #ls * ceremony * cud * dos * eff * incoming * united * unix * vax * 226 ASCII Transfer cmplete. * 62 bytes received in 1.1 seconds (0.054 Kbytes/s) * ftp> #cd eff * 250 CWD command successful. * ftp> #ls * 200 PORT command successful. * 150 ASCII data connection for /bin/ls (132.239.13.10,4805) (0 bytes). * Index * eff.brief * eff.info * eff.paper * eff1.00 * eff1.01 * eff1.02 * eff1.03 * eff1.04 * eff1.05 * realtime.1 * 226 ASCII Transfer complete. * 105 bytes received in 1.8 seconds (0.057 Kbytes/s) * ftp> #get * (remote-file) #eff1.04 * (local-file) #eff1.04 * 200 PORT command successful. * 150 Opening ASCII mode data connection for eff1.04 (909 bytes). * 226 Transfer complete. * local: eff1.04 remote: eff1.04 * 931 bytes received in 2.2 seconds (0.42 Kbytes/s) * ftp> #close * Bye... * ftp> #quit * % * To read the file you can just 'get' the file and buff it! Now if the files are just too long you can 'xmodem' it off the host your on. Just type 'xmodem' and that will make it much faster to get the files. Here is the set up (stolen from ocf.berkeley.edu). If you want to: type: send a text file from an apple computer to the ME xmodem ra send a text file from a non-apple home computer xmodem rt send a non-text file from a home computer xmodem rb send a text file to an apple computer from the ME xmodem sa send a text file to a non-apple home computer xmodem st send a non-text file to a home computer xmodem sb xmodem will then display: * * XMODEM Version 3.6 -- UNIX-Microcomputer Remote File Transfer Facility * File filename Ready to (SEND/BATCH RECEIVE) in (binary/text/apple) mode * Estimated File Size (file size) * Estimated transmission time (time) * Send several Control-X characters to cancel * Hints - File transfer can be an iffy endeavor; one thing that can help is to tell the annex box not to use flow control. Before you do rlogin to an ME machine, type stty oflow none stty iflow none at the annex prompt. This works best coming through 2-6092. Though i have not found this on too many UNIX systems with the xmodem command, but where it is you can find me LeEcHiNg files. |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| | Special commands used during ftp session: | | | | Command: Description: | | | | cdup same as cd .. | | dir give detailed listing of files | | | | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ c: How to tftp the Files tftp (Trivial File Transfer Protocol, the command is not in caps, because UNIX is cap sensitive) is a command that is used to transfer files from host to host. This command is used sometimes like ftp, in that you can mover around using UNIX command. I will not go into this part of the command, but i will go into the basic format, and structure to get files you want. More over I will be covering how to flip the /etc/passwd out of remote sites. Real use full, then you can give Killer Kracker a test run! Well there is a little trick that has been around a while. This trick it the tftp. This little trick will help you to "flip" the /etc/passwd file out of different sites. This can be real handy, you can have the passwd file with out breaking into the system. Then just run Brute Hacker (the latest version) on the thing, thus you will save time, and energy. This 'hole' (NOTE the word 'hole' is not used in this case in the normal sense, the normal sense it a way to obtain super user status once in UNIX) may be found on SunOS 3.X, but have been fixed in 4.0. Though i have found this hole in several other system, such as System V, BSD and a few others. The only problem with this 'hole' is that the system manager will sometimes know that you are doing this (that is if the manager know what the hell he is doing). The problem occurs when attempts to tftp the /etc/passwd is done too many times, you may see this (or something like this) when you logon on to your ? account. (This is what I buffed this off plague.berkeley.edu, hmm i think they knew what i was doing ). * * DomainOS Release 10.3 (bsd4.3) Apollo DN3500 (host name): * This account has been deactivated due to use in system cracking * activities (specifically attempting to tftp /etc/passwd files from remote * sites) and for having been used or broken in to from . If the legitimate owner of the account wishes it reactivated, * please mail to the staff for more information. * * - Staff * Though, if this is not done too much it can be a use full tool in hacking on Internet. The tftp is used in this format is as follow: tftp - /etc/passwd Command -g is to get the file, this will copy the file onto your 'home' directory, thus you can do anything with the file. Any Name If your going to copy it to your 'home' directory you may want to name anything that is not already used. I have found it best to name it 'a' or the internet address name, so I know where is came from. Internet This is the address that you want to snag the passwd file Address from. I will not include any for there are huge list that other hackers have scanned out, and I would be just copying their data. /ETC/PASSWD THIS IS THE FILE THAT YOU WANT, ISN'T IT ? I DO NOT THINK YOU want John Jones mail. Well you could grab their mail, this would be one way to do it. netascii This how you want file transferred, you can also do it Image, but i have never done this. I just leave it blank, and it dose it for me. & Welcome to the power of UNIX, it is multitasking, this little symbol place at the end will allow you to do other things (such as grab the passwd file from the UNIX that you are on). Here is the set up:We want to get the passwd file from sunshine.ucsd.edu. The file is copying to your 'home' directory is going to be named 'asunshine'. * * $ #tftp -g asunshine sunshine.ucsd.edu /etc/passwd & * d Basic Fingering Fingering is a real good way to get account on remote sites. Typing 'who' of just 'finger ' you can have names to "finger". This will give you all kinds info. on the persons account, thus you will have a better chance of cracking that system. Here is a example of how to do it. * * % #who * joeo ttyp0 Jun 10 21:50 (bmdlib.csm.edu) * gatsby ttyp1 Jun 10 22:25 (foobar.plague.mil) * bbc crp00 Jun 10 11:57 (aogpat.cs.pitt.edu) * liliya display Jun 10 19:40 /and fingering what you see * % #finger bbc * Login name: bbc In real life: David Douglas Cornuelle * Office: David D. Co * Directory: //aogpat/users_local/bdc Shell: /bin/csh * On since Jun 10 11:57:46 on crp00 from aogpat Phone 555-1212 * 52 minutes Idle Time * Plan: I am a dumb fool!! * % * From there i can just call 'aogpat.cs.pit.edu' and try to hack it out. Try the last name as the password, the first name, middle name and try them all backwards (do i really need to explain it any more). The chances are real good that you WILL get in since you now have something to work with. If there are no users in line for you to type "who" you can just type "last" and all the user who logged on will come rolling out, and "finger" them. The only problem with using the last command is aborting it. You can also try and call them and say you are the system manager, and bull shit your way to your new account! But i have not always seen phone numbers, only on some systems.... 11 Networks You Will See Around ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ I though I would add this as a reference guide to some common networks on the Internet. If anything, you can know what people are talking about on some good BBSs you may be on. NOTE I assembled this list from various information I have. AARNet - Australian Academic and Research Network, this network is to support research for various Australian Universities. This network supports TCP/IP, DECnet, and OSI (CLNS). ARPANET - Getting sick of reading about this yet ? Well i am getting sick of typing it. BITNET - Because It's Time NETwork (BITNET) is a worldwide network that connects many colleges and universities. This network uses many different protocols, but it dose use the TCP/IP. Maybe you will come across it. CREN CSNET - Corporation for Research and Educational Network (CREN), The Computer + Science research NETwork (CSNET). This network links scientists at sites all over the world. CSNET providing access to the Internet, CRET to BITNET. CREN being the name used today. CSUNET - California State University Network (CSUNET). This net connects the California State University campuses and other universities in California. This network is based on the CCITT X.25 protocol, and also uses TCP/IP, SNA/DSLC, DECnet, etc etc. The Cypress Net - This network started as a experimental network. The use of this network today is to connection to the TCP/IP Internet as a cheap price. DRI - Dirty Rotten Oops, _Defense _Research _Internet is a WAN that is used as a platform from which to work from. This network has all kind of services, such as multicast service, real-time conference etc. This network uses the TCP/IP (also see RFC 907-A for more information on this network). ESnet - Is the new network by the Department of Energy Office of Energy Research (DoE OER). This net is the backbone for all DoE OER programs. This network replaced the High Energy Physics DECnet (HEPnet) and also the Magnetic Fusion Energy network (MFEnet). The protocols offered are IP/TCP, and also DECnet service. JANET - JANET is a Joint Academic NETwork based in the UK, connected to the Internet. JANET is a PSN (information has pass through a PAD) using the protocol X.25 though it dose support the TCP/IP. This network also connects PSS (Packet Switched Service is a PSN that is owned and operated by British telecom). JUNET - Japan's university message system using UUCP, the Internet as its backbone, and X.25 (Confused, read RFC 877). This network is also a part of USENET (this is the network news). Los Nettos - Los Nettos is a high speed MAN in the Los Angeles area. This network uses the IP/TCP. MILNET - When ARPANET split, the DDN was created, thus MILNET (MILitary NETwork) being apart of the network. MILNET is a unclassified, along with three other classified networks which make up the DDN. NORDUNet - This net is the backbone to the networks in the Nordic Countries, Denmark (DENet), Finland (FUNET), Iceland (SURIS), Norway (UNINETT), and Sweden (SUNET). NORDUnet supports TCP/IP, DECNet, and X.25. NSN - NASA Science Network (NSN), this network is for NASA to send and relay information. The protocols used are TCP/IP and there is a sister network called Space Physics Analysis Network (SPAM) for DECNet. ONet - Ontario Network is a TCP/IP network that is research network. NSFNet - National Science Foundation Network, this network is in the IP/TCP family but in any case it uses UDP (User Diagram Protocol) and not TCP. NSFnet is the network for the US scientific and engineering research community. Listed below are all the NSFNet Sub-networks. BARRNet - Bay Area Regional Research Network is a MAN in the San Francisco area. This network uses TCP/IP. When on this network be sure and stop into LBL and say hi to Cliff Stool! Welp, I do not think there is a bigger fool! (yeah I read his book too, i did not stop hacking for a weeks after reading it). CERFnet - California Education and Research Federation Network is a research (welp, there is a lot of research going to in the Internet, huh ?) based network supporting Southern Californian Universities communication services. This network uses TCP/IP. CICNet - Committee on Institutional Cooperation. This network services the BIG 10, and University of Chicago. This network uses JvNCnet - John von Neumann National Supercomputer Center. This network uses TCP/IP. Merit - Mert is a network connects Michigan's academic and research computers. This network supports TCP/IP, X.25 and Ethernet for LANs. MIDnet - MIDnet connects 18 universities and research centers in the midwest US. The support protocols are TELNET, FTP and SMTP. MRNet - Minnesota Regional Network, this network services Minnesota. The network protocols are TCP/IP. NEARnet - New England Academic and Research Network, connects various research/educational institutions. You can get more information about this net by mailing 'nearnet-staff@bbn.com'. That is if you have address like I do. NCSAnet - National Center for Supercomputing Applications (hell, there is a network for this ? I can think of a lot of application for it a Cray, Kracking K0dez maybe?) supports the whole IP family (TCP, UDP, ICMP, etc). NWNet - North West Network provides service to the Northwestern US, and Alaska. This network supports IP and DECnet. NYSERNet - New York Service Network is a autonomous nonprofit network. This network supports the TCP/IP. OARnet - Ohio Academic Resources Network gives access to Ohio Supercomputer Center. This network supports TCP/IP. PREPnet - Pennsylvania Research and Economic Partnership is a network run, operated and managed by Bell of Pennsylvania. It supports TCP/IP. PSCNET - Pittsburgh Supercomputer Center serving Pennsylvania, Maryland, and Ohio. It supports TCP/IP, and DECnet. SDSCnet - San Diego Super Computer Center is a network whose goal is to support research in the field of science. The Internet address is 'y1.ucsc.edu' or call Bob at 619/534+5o6o and ask for a account on his Cray. I am sure he will be happy to help you out. Sesquinet - Sesquinet is a network based in Texas, TCP/IP are the primary protocols. SURAnet - Southeastern Universities Research Association Network is a network that connects southern institutions. It is more of a south eastern connection, than a southern connection. THEnet - Texas Higher Education Network is a network that is run by Texas A&M University. This network connects to host Mexico. USAN/NCAR - University SAtellite Network (USAN)/National Center for Atmospheric Research is a network for the for a information exchange. Westnet - Westnet connects the western part of the US, not including California. The network is supported by Colorado State University. USENET - USENET is the network news (the message base for the Internet). This message base is the largest i have ever seen, with well over 400 different topics, connecting 17 different countries. I just read the security, unix bugs, and telco talk posts with each of those subs having 100++ posts a day, i send a few hours reading. There is just too much!! 12 Internet Protocols ~~~~~~~~~~~~~~~~~~~~~~ TCP/IP is a general term, this means everything related to the whole family of Internet protocols. The protocols in this family are IP, TCP, UDP, ICMP, ROSE, ACSE, CMIP, ISO, ARP and Ethernet for LANs. I will not go into the too in depth, as to not take up ten-thousand pages, and not to bore you, if you want more information, get the RFCs. RFCs authors (yeah authors, some RFC are books!!) are stuck up Ph.d.s in Computer Science, hell I am just some dumb Cyberpunk. TCP/IP protocol is a "layered" set of protocols. In this diagram taken from RFC 1180 you will see how the protocol is layered when connection is made. Figure is of a Basic TCP/IP Network Nodes ----------------------------------- | Network Application | | | | ... \ | / .. \ | / ... | | ------- ------- | | | TCP | | UDP | | | ------- ------- | | \ / | % Key % | ------- --------- | ~~~~~~~ | | ARP | | IP | | UDP User Diagram Protocol | ------- ------*-- | TCP Transfer Control Protocol | \ | | IP Internet Protocol | \ | | ENET Ethernet | ------------- | ARP Address Resolution | | ENET | | Protocol | -------@----- | O Transceiver | | | @ Ethernet Address -------------- | ------------------ * IP address | ========================O================================================= ^ | Ethernet Cable TCP/IP: If connection is made is between the IP module and the TCP module the packets are called a TCP datagram. TCP is responsible for making sure that the commands get through the other end. It keeps track of what is sent, and retransmits anything that does not go through. The IP provides the basic service of getting TCP datagram from place to place. It may seem like the TCP is doing all the work, this is true in small networks, but when connection is made to a remote host on the Internet (passing through several networks) this is a complex job. Say I am connected from a server at UCSD, and I am connection through to LSU (SURAnet) the data grams have to pass through a NSFnet backbone. The IP has to keep track of all the data when the switch is made at the NSFnet backbone from the TCP to the UDP. The only NSFnet backbone that connects LSU is University of Maryland. U. of Maryland has different circuit sets, thus having to pass through them. The cable (trunk)/circuit types are the T1 (a basic 24-channel 1.544 Md/s pulse code modulation used in the US) to a 56 Kbps. Keeping track of all the data from the switch from T1 to 56Kbs and TCP to UDP is not all it has to deal with. Datagrams on their way to the NSFnet backbone (U. of Maryland) may take many different paths from the UCSD server. All the TCP dose is break up the data into datagrams (manageable chunks), and keeps track of the datagrams. The TCP keeps track of the datagrams by placing a header at the front of each datagram. The header contains 160 (20 octets) pieces of information about the datagram. Some of the information in this is the sending FQDN to the receiving FQDN (more over the port address, but Fully Qualified Domain Name is a much better term). The datagrams are numbers in octets (a group of eight binary digits, say there are 500 octets of data, the numbering of the datagrams would be 0, next datagram 500, next datagram 1000, 1500 etc. UDP/IP: UDP is one of the two main protocols to count of the IP. In other words the UDP works the same as TCP, it places a header on the data you send, and passes it over to the IP for transportation through out the internet. The difference is in it offers service to the user's network application, thus it dose not maintain a end-to-end connection, it just pushes the datagrams out! ICMP: ICMP is used for relaying error messages, such as you may try to connect to a system and get a message back saying "Host unreachable", this is ICMP in action. This protocol is universal within the Internet, because if it's nature. This protocol dose not use port numbers in it's headers, since it talks to the network software it self. Ethernet: Most of the networks use Ethernet. Ethernet is just a party line. When packets are sent out on the Ethernet, every host on the Ethernet sees them. To make sure the packets get to the right place the Ethernet designers wanted to make sure that each address is different. For this reason 48 bits are allocated for the Ethernet address, and a built in Ethernet address on the Ethernet controller. The Ethernet packets have a 14-octet header, this includes address to and from. The Ethernet is not too secure, it is possible to have the packets go to two places, thus someone can see just what you are doing. You need to take note that the Ethernet is not connected to the internet, in other words a host on the Ethernet and on the Internet has to have both a Ethernet connection and a Internet server. ARP ARP translates IP address to Ethernet address. A conversion table is used (the table is called ARP Table) to convert the addresses. Thus you would never even know if you were connected to the Ethernet because you would be connecting to the IP address. This is a real ruff description of a few Internet protocols, but if you would like to know more information you can access it via anonymous ftp from various hosts. Here is a list of RFC that are on the topic of protocols. |~~~~~~~~~~~~~~~|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| | RFC: | Description: | | | | |~~~~~~~~~~~~~~~|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| | rfc1011 | Official Protocols of the Internet | | rfc1009 | NSFnet gateway specifications | | rfc1001/2 | netBIOS: networking for PC's | | rfc894 | IP on Ethernet | | rfc854/5 | telnet - protocols for remote logins | | rfc793 | TCP | | rfc792 | ICMP | | rfc791 | IP | | rfc768 | UDP | | | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 13 Hostname and Address ~~~~~~~~~~~~~~~~~~~~~~~~ This is for those of who like to know what they are doing, and when it comes to address, you will know what you are looking at. Hostnames: Internet address are long and hard to remember such as 128.128.57.83. If you had to remember all the hosts you are on you would need a really good memory which most people (like me) do not have. So Being humans (thus lazy) we came up with host names. All hosts registered on the Internet must have names that reflect them domains under which they are registered. Such names are called Fully Qualified Domain Names (FQDNs). Ok, lets take apart a name, and see such domains. lilac.berkeley.edu ^ ^ ^ | | | | | |____ ``edu'' shows that this host is sponsored by a | | educational related organization. This is a | | top-level domain. | | | |___________ ``berkeley'' is the second-level domain, this | shows that it is an organization within UC | Berkeley. | |__________________ ``lilac'' is the third-level domain, this indicates the local host name is 'lilac'. Here is a list of top-level domain you will run into. |~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| | Common Top-Level Domains | | | | COM - commercial enterprise | | EDU - educational institutions | | GOV - nonmilitary government agencies | | MIL - military (non-classified) | | NET - networking entities | | ORG - nonprofit intuitions | | | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Addressing: A network address is that numeric address of a host, gateway or TAC. The address was though of with us in mind, meaning it is easy to scan (war dial, wonder etc..). The address are maid up of four decimals numbered slots, which are separated by the well know dot called a period. The think I will place at the end of this sentence. See it, it is four word over from the word four. Now that we have that down , we can move on. There are three classes that are used most, these are Class A, Class B, and Class C. I know this has nothing to do with you, but I feel you should know what they are... Class A - from '0' to '127' Class B - from '128' to '191' Class C - from '192' to '223' Class A - Is for MILNET net hosts. The first part of the address has the network number. The second is for the their physical PSN port number, and the third is for the logical port number, since it is on MILNET it is a MILNET host. The fourth part is for which PSN is on. 29.34.0.9. '29' is the network it is on. '34' means it is on port '34'. '9' is the PSN number. Class B - This is for the Internet hosts, the first two "clumps" are for the network portion. The second two are for the local port. 128.28.82.1 \_/ \_/ | |_____ Local portion of the address | |___________ Potation address. Class C - The first three "clumps" is the network portion. And the last one is the local port. 193.43.91.1 ^ ^ ^ ^ \_|_/ |_____ Local Portation Address | |__________ Network Portation Address 14 Tips and Hints ~~~~~~~~~~~~~~~~~~ When on a stolen account these are basic thing to do and not to do. - Do not logon too late at night. All the manager has to do is see when you logged on by typing "login". If it sees 3 am to 5 am he is going to know that you were in the system. I know, I love spending all night on a account, but the best times are in the middle of the day when the normal (the owner) would use the account. (NOTE this is what they look for !) - Do not leave files that were not there on *ANY* directory, checks are sometimes made. This is on a system security check list, which is normally done from time to time. - When hacking, do not try to hack a account more than three times. It does show up on a logon file (when more than three try are made on the same account !), and it will also not let you logon on the account even if you do get it right (NOTE this is not on all UNIX systems). - Do not type in your handle ! you real name etc .. - Encrypt all the mail you send. - Leave VMS alone, VMS and TCP/IP do not mix well. It is not worth your time. VMS is better for a X.25 network. - DO send The Gatsby all the accounts you will get and have. @#$$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#%@#$@#$% # @ $ I would like to take this time to thank # % Doctor Dissector for getting me on in the $ @ The Internet in the first place, and % # for helping me correct the errors in @ $ the first release. # % $ @ The Gatsby 1991 % # @ @#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$%@#$ This has been a AXiS Production! |\ /| (6_9) 'U` . =/eof . -------------------------------------------------------------------------------- ==Phrack Classic== Volume Three, Issue 33, File #6 of 10 *** Social Security Numbers *** by Private Citizen *** June 1, 1991 Many people are concerned about the number of organizations asking for their Social Security Numbers. They worry about invasions of privacy and the oppressive feeling of being treated as just a number. Unfortunately, I can't offer any hope about the dehumanizing effects of identifying you with your numbers. I *can* try to help you keep your Social Security Number from being used as a tool in the invasion of your privacy. Surprisingly, government agencies are reasonably easy to deal with; private organizations are much more troublesome. Federal law restricts the agencies at all levels of government that can demand your number and a fairly complete disclosure is required even if its use is voluntary. There are no comparable laws restricting the uses non-government organizations can make of it, or compelling them to tell you anything about their pla*s. With privrte institutions, your main recourse is refusing to do business with anyone whose terms you don't like. Short History Social Security numbers were introduced by the Social Security Act of 1935. They were originally intended to be used only by the social security program, and public assurances were given at the time that use would be strictly limited. In 1943 Roosevelt signed Executive Order 9397 which required federal agencies to use the number when creating new record-keeping systems. In 1961 the IRS began to use it as a taxpayer ID number. The Privacy Act of 1974 required authorization for government agencies to use SSNs in their data bases and required disclosures (detailed below) when government agencies request the number. Agencies which were already using SSN as an identifier were allowed to continue using it. The Tax Reform Act of 1976 gave authority to state or local tax, welfare, driver's license, or motor vehicle registration authorities to use the number in order to establish identities. The Privacy Protection Study Commission of 1977 recommended that the Executive Order be repealed after some agencies referred to it as their authorization to use SSNs. I don't know whether it was repealed, but that practice has stopped. The Privacy Act of 1974 (5 USC 552a) requires that any federal, state, or local government agency that requests your Social Security Number has to tell you three things: 1: Whether disclosure of your Social Security Number is required or optional, 2: What law authorizes them to ask for your Social Security Number, and 3: How your Social Security Number will be used if you give it to them. In addition, the Act says that only Federal law can make use of the Social Security Number mandatory. So anytime you're dealing with a government institution and you're asked for your Social Security Number, just look for the Privacy Act Statement. If there isn't one, complain and don't give your number. If the statement is present, read it. If it says giving your Social Security Number is voluntary, you'll have to decide for yourself whether to fill in the number. Private Organizations The guidelines for dealing with non-governmental institutions are much more tenuous. Most of the time private organizations that request your Social Security Number can get by quite well without your number, and if you can find the right person to negotiate with, they'll willingly admit it. The problem is finding that right person. The person behind the counter is often told no more than "get the customers to fill out the form completely." Most of the time, you can convince them to use some other number. Usually the simplest way to refuse to give your Social Security Number is simply to leave the appropriate space blank. One of the times when this isn't a strong enough statement of your desire to conceal your number is when dealing with institutions which have direct contact with your employer. Most employers have no policy against revealing your Social Security Number; they apparently believe the omission must have been an unintentional slip. Lenders and Borrowers Banks and credit card issuers are required by the IRS to report the SSNs of account holders to whom they pay interest or when they charge interest and report it to the IRS. If you don't tell them your number you will probably either be refused an account or be charged a penalty such as withholding of taxes on your interest. Insurers, Hospitals, Doctors No laws require medical service providers to use your Social Security Number as an ID number. (except for Medicare, Medicaid, etc.) They often use it because it's convenient or because your employer uses it to certify employees to its groups health plan. In the latter case, you have to get your employer to change their policies. Often, the people who work in personnel assume that the employer or insurance company requires use of the SSN when that's not really the case. When my current employer asked for my SSN for an insurance form, I asked them to try to find out if they had to use it. After a week they reported that the insurance company had gone along with my request and told me what number to use. Blood banks also ask for the number but are willing to do without if pressed on the issue. After I asked politely and persistently, the blood bank I go to agreed that they didn't have any use for the number, and is in the process of teaching their receptionists not to request the number. Why use of Social Security Numbers is a problem The Social Security Number doesn't work well as an identifier for several reasons. The first reason is that it isn't at all secure; if someone makes up a nine-digit number, it's quite likely that they've picked a number that is assigned to someone. There are quite a few reasons why people would make up a number: to hide their identity or the fact that they're doing something; because they're not allowed to have a number of their own (illegal immigrants, e.g.), or to protect their privacy. In addition, it's easy to write the number down wrong, which can lead to the same problems as intentionally giving a false number. There are several numbers that have been used by thousands of people because they were on sample cards shipped in wallets by their manufacturers. (One is given below.) When more than one person uses the same number, it clouds up the records. If someone intended to hide their activities, it's likely that it'll look bad on whichever record it shows up on. When it happens accidently, it can be unexpected, embarrassing, or worse. How do you prove that you weren't the one using your number when the record was made? A second problem with the use of SSNs as identifiers is that it makes it hard to control access to personal information. Even assuming you want someone to be able to find out some things about you, there's no reason to believe that you want to make all records concerning yourself available. When multiple record systems are all keyed by the same identifier, and all are intended to be easily accessible to some users, it becomes difficult to allow someone access to some of the information about a person while restricting them to specific topics. What you can do to protect your number If despite your having written "refused" in the box for Social Security Number, it still shows up on the forms someone sends back to you (or worse, on the ID card they issue), your recourse is to write letters or make phone calls. Start politely, explaining your position and expecting them to understand and cooperate. If that doesn't work, there are several more things to try: 1: Talk to people higher up in the organization. This often works simply because the organization has a standard way of dealing with requests not to use the SSN, and the first person you deal with just hasn't been around long enough to know what it is. 2: Enlist the aid of your employer. You have to decide whether talking to someone in personnel, and possibly trying to change corporate policy is going to get back to your supervisor and affect your job. 3: Threaten to complain to a consumer affairs bureau. Most newspapers can get a quick response. Some cities, counties, and states also have programs that might be able to help. 4: Tell them you'll take your business elsewhere (and follow through if they don't cooperate.) 5: If it's a case where you've gotten service already, but someone insists that you have to provide your number in order to have a continuing relationship, you can choose to ignore the request in hopes that they'll forget or find another solution before you get tired of the interruption. If someone absolutely insists on getting your Social Security Number, you may want to give a fake number. There is no legal penalty as long as you're not doing it to get something from a government agency or to commit fraud. There are a few good choices for "anonymous" numbers. Making one up at random is a bad idea, as it may coincide with someone's real number and cause them some amount of grief. It's better to use a number like 078-05-1120, which was printed on "sample" cards inserted in thousands of new wallets sold in the 40's and 50's. It's been used so widely that both the IRS and SSA recognize it immediately as bogus, while most clerks haven't heard of it. It's also safe to invent a number that has only zeros in one of the fields. The Social Security Administration never issues numbers with this pattern. They also recommend that people showing Social Security cards in advertisements use numbers in the range 987-65-4320 through 987-65-4329. The Social Security Administration recommends that you request a copy of your file from them every few years to make sure that your records are correct. -------------------------------------------------------------------------------- ==Phrack Classic== Volume Three, Issue 33, File #7 of 10 ________________________________________________________ | | | :-) FEDIX | | On-Line Information Service | | | | Written by the people at FEDIX | | | | Submitted to Phrack Classic by | | | | Progressive Hegemony of Radical Activist Computer Kids | | | | "Supporting the Concept of Freedom of Information" | |________________________________________________________| What is FEDIX? FEDIX is an on-line information service that links the higher education community and the federal government to facilitate research, education, and services. The system provides accurate and timely federal agency information to colleges, universities, and other research organizations. There are NO REGISTRATION FEES and NO ACCESS CHARGES for using FEDIX. The only cost is for the phone call. FEDIX provides daily information updates on: - Federal EDUCATION and RESEARCH PROGRAMS (including descriptions, eligibility, funding, deadlines). - SCHOLARSHIPS, FELLOWSHIPS, and GRANTS - Available used government RESEARCH EQUIPMENT - New funding for specific research and education activities from the COMMERCE BUSINESS DAILY, FEDERAL REGISTER, and other sources. - MINORITY ASSISTANCE research and education programs - NEWS & CURRENT EVENTS within participating agencies - GENERAL INFORMATION such as agency history, budget, organizational structure, mission statement, etc. PARTICIPATING AGENCIES Currently FEDIX provides information on 7 federal agencies broken down into 2 general categories: 1. Comprehensive Education and Research Related Agency Information - The Department of Energy (DOE) - Office of Naval Research (ONR) - National Aeronautics and Space Administration (NASA) - Federal Aviation Administration (FAA) 2. Minority Assistance Information - National Science Foundation (NSF) - Department of Housing and Urban Development (HUD) - Department of Commerce (DOC) Additional government agencies are expected to join FEDIX in the future. REQUIRED HARDWARE AND SOFTWARE Any microcomputer with communications software (or a dumb terminal) and a modem operating at 1200 or 2400 baud can access the system. HOURS OF OPERATION The system operates 24 hours a day, 7 days a week. The only exceptions are for periodic system updating or maintenance. TELEPHONE NUMBERS * Computer (data line): 301-258-0953 or 1-800-232-4879 * HELPLINE (technical assistance): 301-975-0103. The HELPLINE (for problems or comments) is open Monday-Friday 8:30 AM-4:30 PM Eastern Daylight Time, except on federal holidays. SYSTEM FEATURES Although FEDIX provides a broad range of features for searching, scanning, and downloading, the system is easy to use. The following features will permit quick and easy access to agency databases: Menus -- Information in the system is organized under a series of branching menus. By selecting appropriate menu options (using either the OPTION NUMBER or the two-character MENU CODE), you may begin at the FEDIX Main Menu and work your way through various intermediate menus to a desired sub-menu. However, if you already know the menu code of a desired menu, you may bypass the intermediate menus and proceed directly to that menu by typing the menu code at the prompt. Help screens are available for key menus and can be viewed by typing '?' at the prompt. Capturing Data -- If you are using a microcomputer with communications software, it is likely that your system is capable of storing or "capturing" information as it comes across your screen. If you "turn capture on", you will be able to view information from the databases and store it in a file on your system to be printed later. This may be desirable at times when downloading is not appropriate. Refer to your communications software documentation for instructions on how to activate the capture feature. Downloading -- Throughout the system, options are available which allow you to search, list, and/or download files containing information on specific topics. The download feature can be used to deliver text files (ASCII) or compressed, self-extracting ASCII files to your system very quickly for later use at your convenience. Text files in ASCII format, tagged with a ".MAC" extension, are downloadable by Macintosh users. Compressed ASCII files, tagged with an ".EXE" extension, may be downloaded by users of IBM compatible computers. However, your system must be capable of file transfers. (See the documentation on your communication software). Mail -- An electronic bulletin board feature allows you to send and receive messages to and from the SYSTEM OPERATOR ONLY. This feature will NOT send messages between users. It can be used to inquire about operating the system, receive helpful suggestions from the systems operator, etc. Utility Menu -- The Utility Menu, selected from the FEDIX Main Menu, enables you to modify user information, prioritize agencies for viewing, search and download agency information, set a default calling menu, and set the file transfer protocol for downloading files. INDEX OF KEY INFORMATION ON FEDIX Key information for each agency is listed below with the code for the menu from which the information can be accessed. Please be advised that this list is not comprehensive and that a significant amount of information is available on FEDIX in addition to what is listed here. AGENCY/DATABASE MENU CODE DEPARTMENT OF ENERGY (DOE)/DOEINFO Available Used Research Equipment :EG: Research Program Information :IX: Education Program Information :GA: Search/List/Download Program Information :IX: Research and Training Reactors Information :RT: Procurement Notices :MM: Current Events :DN: NATIONAL AERONAUTICS AND SPACE ADMINISTRATION/NASINFO Research Program Information :RP: Education Program Information :EA: Search/List/Download Program Information :NN: Description/Activities of Space Centers :SC: Procurement Notices :EV: Proposal/Award Guidelines :NA: OFFICE OF NAVAL RESEARCH/ONRINFO Research Program Information :RY:,:AR: Special Programs (Special Research and Education Initiatives) :ON: Search/List/Download Program Information :NR: Description/Activities of Laboratories and other ONR Facilities :LB: Procurement Notices (Broad Agency Announcements, Requests for -- Proposals, etc. :NE: Information on the Preparation and Administration of Contracts, -- Grants, Proposals :AD: FEDERAL AVIATION ADMINISTRATION/FAAINFO Education Program Information - Pre-College :FE: Mio rity Aviation Education Programs :FY: Search/List/Download Program Information :FF: Aviation Education Resources (Newsletters, Films/Videos, -- Publications) :FR: Aviation Education Contacts (Government, Industry, Academic, -- Associations) :FO: College-Level Airway Science Curriculum Information :FC: Procurement Notice :FP: Planned Competitive and Noncompetitive Procurements for the -- Current Fiscal Year :F1: Employment Information :FN: Current Events :FV: MINORITY/MININFO U. S. Department of Commerce Research/Education Minority Assistance Programs :CP: Procurement Notices (ALL Notices for Agency) :M1: Current Events :M1: Minority Contacts :M1: Department of Energy Research/Education Minority Assistance Programs :EP: Procurement Notices (ALL Notices for Agency) :M2: Current Events :M2: Minority Contacts :M2: U.S. Department of Housing and Urban Development Research/Education Minority Assistance Programs :HP: Procurement Notices (ALL Notices for Agency) :M3: Current Events :M3: Minority Contacts :M3: National Aeronautics and Space Administration Research/Education Minority Assistance Programs :NP: Procurement Notices (ALL Notices for Agency) :M4: Current Events :M4: Minority Contacts :M4: National Science Foundation Research/Education Minority AssisdaXce Programs :SP: Procurement Notices (ALL Notices for Agency) :M5: Budget Information :SB: NSF Bulletin :M5: Minority Contacts :M5: ________________________________________________________________________________ ==Phrack Classic== Volume Three, Issue 33, File #8 of 10 ____________________________________________ || || || Toll Fraud || || || || by American Telephone & Telegraph (AT&T) || || || || July 22, 1991 || ||____________________________________________|| BASKING RIDGE, N.J. -- Thousands of American consumers are being ripped off every day by telephone con artists who trick them into revealing their calling card numbers or accepting long distance charges. AT&T is offering tips to consumers on how to avoid becoming a fraud victim. For starters, the company advises customers to be on the lookout for calling card number thieves in public places and to hang up on suspected telephone scam artists. The annual bill for telephone scams directed at consumers is estimated by industry experts at $1 billion. Saying the best defense against toll fraud is an educated consumer, AT&T is offering tips on how telephone customers can avoid two principal forms of fraud: Calling card and third-number billing scams. This telephone toll fraud occurs when someone places an illicit toll call by 1) charging the call to a stolen calling card number, or 2) tricking an innocent victim into accepting the toll charges. CALLING CARD FRAUD Calling card thieves usually find their victims in busy public places such as bus, train or airline terminals. The victim can be any unsuspecting caller who makes a calling card call from a public phone. Frequently, card number thieves simply stand close to their victim in order to watch the calling card digits being entered on a touch-tone phone. If a caller verbally provides calling card information to an operator, the thief tries to listen in. A thief may even use binoculars to scan the numbers from the calling card or to watch as the victim punches in the calling card digits on a touch-tone phone. Some unwary customers receive a call at home from a fraud artist posing as a phone company or law enforcement investigator. The fraud artist requests the customer's calling card number and provides a phony explanation of a supposed toll fraud investigation or problems with the company's database that require investigators to "activate" the customer's calling card number. Customers should know that no telephone company -- including AT&T, other long distance companies, and local phone companies -- would ever ask a customer for a calling card number or Personal Identification Number (PIN) over the telephone. Phone companies already have that information. After stealing calling card numbers, the thieves usually find an available public phone from which they sell discounted long-distance calls to locations around the world. THIRD-NUMBER BILLING FRAUD A different toll fraud scam involves what AT&T officials have labeled the "Just Say Yes" scam, in which victims are convinced to accept charges for calls made by someone else. A thief impersonating an investigator calls the victim at home and asks for the customer's cooperation in a telephone company investigation. The thief always has a plausible explanation, such as a criminal investigation or service disruption problems. The victim is then asked to "just say yes" when the operator calls them to accept charges for a series of international calls. The impostor reassures the customer that they won't be billed for the calls. In some cases, victims are promised substantial credit or cash payment as an incentive to cooperate. If the customer is reluctant to cooperate, the imposter may try intimidation by threatening to cut off phone service. EVERYONE PAYS Every day many innocent consumers become victims of telephone fraud. Customers should always protect the security of their calling card number. Customers should also know they are responsible if they willingly accept third-number charges. Because many of these charges are costly to collect, long distance companies lose millions of dollars to fraud every year. This drives up the cost of doing business, and as a result, all of the company's customers become victims of this crime. Telephone toll scam artists do not discriminate. Everyone is a potential victim, from corporate executives at the airport, to salesmen on the road, to teenage shoppers at the mall, to housewives, to home-bound elderly people. CALLING CARD FRAUD TIPS AT&T offers these tips to avoid calling card fraud: o Make sure no one can see you keying in your calling card number or overhear you reading the number to the operator. Whenever possible, use a phone that reads your calling card automatically. o Do not use your telephone calling card as identification for purchases. Use some other identification to avoid sharing your calling card number with a merchant. o Beware of individuals who call you at home requesting telephone calling card number verification. AT&T and other telephone companies will never ask for your card number over the phone. Your long distance and local phone companies already have that information in their billing records. o If you suspect that your telephone calling lard has been lost, stolen or otherwise compromised report this immediately to your long distance company. The company will immediately cancel your calling card number and issue you a new card. AT&T customers may dial 1-800-CALL ATT. THIRD-NUMBER BILLING FRAUD TIPS Third-number billing fraud often occurs under the guise of an "investigation." AT&T has these tips on third-number billing fraud: o If you receive a call from anyone claiming to be a phone company or law enforcement investigator asking you to accept charges, simply hang up immediately. o Telephone companies or law enforcement officials will never call customers and ask them to accept collect or third-party charges as part of an investigation. o If you suspect you are a victim of third-number billing fraud, you should report this immediately by calling the number for billing inquiries that appears on your phone bill. CONSUMER TIPS Telephone fraud is growing around the country both in public locations and even in the privacy of your own home. Thieves can steal your calling card number. Con artists may try to trick you into accepting international long distance charges. -------------------------------------------------------------------------------- ==Phrack Classic== Volume Three, Issue 33, File #9 of 10 KL ^*^ KL ^*^ KL ^*^ KL ^*^ KL K N I G H T L I N E Issue 002 / Part I First of September, 1991 Written, compiled, and edited by Crimson Death KL ^*^ KL ^*^ KL ^*^ KL ^*^ KL --- Welcome to Knight Line Issue 2! Yes, it has been too long, you may notice that Doc Holiday is not helping with the magazine anymore. After the first issue he bailed out on Knight Line, and is a big reason why the delay for the next issue has been so long. Anyone interested in helping with Knight Line should mail Crimson Death at: CDEATH@Stormking.com with your news articles, etc... You the readers are the main contributors to Phrack and Knight Line. It is here for you, so try to make the best of it. Thanks... Crimson Death --- Square Deal for Cable Pirates ----------------------------- National Programming Service has signed an agreement with 12 programmers representing 18 channel for an early conversion package for consumers with illegally modified VideoCipher II modules. The deal will be offered only to customers who convert their modified VideoCipher II modules to VC II Plus Consumer Security Protection Program (CSPP) modules. The program will be an option to NPS' current five-service minimum purchase required for conversion customers. Participating programmers have agreed to offer complimentary programming through the end of 1991 for conversion customers. To qualify, customers must buy an annual subscription which will start on Jan. 1, 1992 and run though Dec. 31, 1992. Any additional programming customers want to buy will start on the day they convert and will run for 12 consecutive months. NPS president Mike Schroeder said the objective of the program is to get people paying legally for programming from the ranks of those who are not. If a customer keeps his modified unit, he will be spending at least $600 for a new module in late 1992, plus programming, when he will be forced to convert due to a loss of audio in his modified unit. If a customer converts now to a VC II Plus with MOM (Videopal), then the net effective cost to the customer will be only $289.55 (figuring a $105 programming credit from Videopal and about $90 complimentary programming). Included in the deal are ABC, A&E, Bravo, CBS, Discovery Channel, Family Channel, NBC, Lifetime, Prime Network, PrimeTime 24, TNN, USA Network, WPIX, WSBK, and WWOR. The package will retail for $179.99. Details: 1-800- 444-3474. (Article Written by David Hartshorn) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Clark Development Systems Gets Tough ------------------------------------ Most of you have heard of PC-Board BBS software, but what you may not have heard is what Clark Development Systems are trying to do with people running illegal copies of his software. The Following messages appeared on Salt Air BBS, which is the support BBS for PC-Board registered owners. ----------------------------------------------------------------- Date: 08-19-91 (11:21) Number: 88016 of 88042 To: ALL Refer#: NONE From: FRED CLARK Read: HAS REPLIES Subj: WARNING Status: PUBLIC MESSAGE Conf: SUPPORT (1) Read Type: GENERAL (A) (+) *********************** Warning!! ***************************** Due to the extent and nature of a number of pirate PCBoard systems which have been identified around the US and Canada, we are now working closely with several other software manufacturers through the SPA (Software Publisher's Association) in order to prosecute these people. Rather than attempting to prosecute them solely through our office and attorney here in Salt Lake, we will now be taking advantage of the extensive legal resources of the SPA to investigate and shut down these systems. Since a single copyright violation will be prosecuted to the full extent of $50,000 per infringement, a number of these pirates are in for a big surprise when the FBI comes knocking on their door. Please note that the SPA works closely with the FBI in the prosecution of these individuals since their crimes are involved with trafficking over state lines. The SPA is now working closely with us and the information we have concerning the illegal distribution of our and other software publisher's wares. Please do not allow yourself to become involved with these people as you may also be brought into any suits and judgements won against them. We are providing this information as reference only and are not pointing a finger at any one specific person or persons who are accessing this system. This message may be freely distributed. Fred Clark President Clark Development Company, Inc. ----------------------------------------------------------------------- Date: 08-19-91 (08:28) Number: 47213 of 47308 To: AL LAWRENCE Refer#: NONE From: DAVID TERRY Read: NO Subj: BETA CODE IS NOW OFFLINE Status: RECEIVER ONLY PLEASE NOTE! (this message is addressed to ALL) ------------ The beta code is now offline and may be offline for a couple of days. After finding a program which cracks PCBoard's registration code I have taken the beta code offline so that I can finish up work on the other routines I've been working on which will not be cracked so easily. I'm sorry if the removal inconveniences anyone. However, it's quite obvious that SOMEONE HERE leaked the beta code to a hacker otherwise the hacker could not have worked on breaking the registration code. I'm sorry that the few inconsiderates have to make life difficult for the rest of you (and us). If that's the way the game is played, so be it. P.S. We've found a couple of large pirate boards (who we have not notified) who should expect to see the FBI show up on their doorstep in the not too distant future. Pass the word along. If people want to play rough then we'll up the ante a bit ... getting out of jail won't be cheap! ----------------------------------------------------------------------- Seems to me they are trying to scare everyone. I think the FBI have better things to do than go around catching System Operators who didn't purchase PC-Board. At least I hope they do. First they put in a key that was needed to run the beta version of PCB and you could only get it by typing REGISTER on Salt Air, it would then encrypt your name and give you the key so you could register you beta. Expiration date were also implemented into the beta code of 14.5a, but the first day this was released on Salt Air, pirates already designed a program to make your own key with any name you wanted. It appears that with this 'new' technique that Clark Systems are trying failed too. As it is cracked already also. Maybe they should be more concerned on how PC-Board functions as a BBS rather than how to make it crack-proof. As most pirate system don't run PC-Board anyway! (Information Provided by Crimson Death) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Sir Hackalot Gets Raided ------------------------ Sir Hackalot was raided by Georgia Police in connections with Computer Fraud. The funny thing about it is that Sir Hackalot has been inactive for over a year and no real evidence was shown against him. They just came in and took his equipment. He was not arrested, but was questioned about 3 other locals which did get visited at the same time. Sir Hackalot said, "They appeared to be pretty pissed because they didn't find anything on me." Right now he is waiting to get his equipment back. Knight Line will keep you posted on upcoming news concerning Sir Hackalot, as we all want him to get his computer back so he can right more Unix Nasties for Phrack 34! :-) (Information Provided by Sir Hackalot. Typed by Crimson Death) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Free Speech BBS: Where is it?!? -------------------------------- Some of you may be wondering what happened to Free Speech BBS. Well, after an upgrade to a 486 33Mhz, and 2 new 210 Meg Hard Drives, things began to fall apart. The motherboard went bad and one of the Hard Drives (The main one with the BBS Software on it failed also). Currently, the system has received a new motherboard but is waiting for another Hard Drive. When it is ready to be back up. A message will be sent out onto the other BBS's. Until then, sorry for any trouble. The is going to switch to Celerity BBS and become part of the Celerity Network. So it should be pretty exciting I will keep you informed, on the status of the BBS in the next issue of KL. (Information Provided by Crimson Death. Sysop of Free Speech BBS) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Georgia's New Area Code ----------------------- Telephone use in Georgia has increased so rapidly -- caused by increased population and the use of services like fax machines and mobile telephones -- that we are running out of telephone numbers. Southern Bell will establish a new area code -- 706 -- in Georgia in May 1992. The territory currently designated by the 404 area code will be split. Customers in the Atlanta Metropolitan local calling area will continue to use the 404 area code. Customers outside the Atlanta Metropolitan toll free calling area will use the 706 area code. The 912 area code (South Georgia) will not be affected by this change. We realize the transition to a new area code will take some getting used to. So, between May 3, 1992 and August 2, 1992, you can dial EITHER 706 or 404 to reach numbers in the new area. After August 2, 1992, the use of the 706 area code is required. We are announcing the new area code far in advance to allow customers to plan for the change. (From Southern Bell Customer Newsletter) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Countywide Calling For Southern Bell Customers ---------------------------------------------- As required by legislation enacted by the Georgia General Assembly and by order of Georgia Public Service Commission, beginning July 1, 1991, you will be able to make calls within your county free of toll charges. On July 1, calls within your county boundary that were previously long-distance calls are now local calls. Therefore, no itemization or toll charges will appear on your telephone bill for calls within your county. If you currently use the "1" plus 10-digit dialing or "1" plus seven-digit dialing, you should continue that same dialing pattern with the implementation of countywide calling on July 1. In addition, you can obtain a telephone number within your county by dialing 411 for Directory Assistance with applicable charges applying to these calls. (From Southern Beel Customer Newsletter) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Unplug ------ A prankster who intercepted and rerouted confidential telephone messages from voice mail machines in City Hall prompted officials to pull the plug on the phone system. The city purchased the high-tech telephone system in 1986 for $28 million. But officials forget to require each worker to use a password that allows only that worker to retrieve or transfer voice messages from their "phone mailboxes," said AT&T spokesman Virgil Wildey. As a result, Wildey said, someone who understands the system can transfer messages around, creating chaos. Contributing sources include the San Francisco Chronicle (7/20/91, A5) and the Dallas Times Herald (7/20/91, A20). (From AT&T Newsbriefs) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - The Red October Bust Written by Stickman Co-Authored by Luis Cipher Special Thanks to Orion, Haywire, Sledge, & Kafka Kierkegaard At 08:00 hours on the day of August 7, 1991 in Walnut Creek California the house of Steven Merenko, alias Captain Ramius, was raided by Novell attorneys accompanied by five federal marshals. All of his computer equipment was confiscated by the Novell attorneys, disks, tape backups, and all hardware. Novell officials had filed an affidavit with the U.S. District Court in the Northern District of California. They charged Merenko with illegally distributing Novell NetWare files. A Novell investigator logged on to Merenko's BBS as a regular user 11 times over a period of a several months. He uploaded a piece of commercial software from another company, with the company's permission, in order to gain credibility and eventually download a file part of Novell NetWare 386 v3.11, which with a full-blown installation costs more than $10,000. Novell issued a Civil suit against The Red October BBS, and because of that Merenko will not go to jail if he is found guilty of letting other people download any copyrighted or commercial software. The maximum penalty in a civil case as this one is $100,000 per work infringed. The Red October BBS was THG/TSAN/NapE Site with four nodes, 4 gigabytes of hard drive space online and had been running for four years. Novell's Anti-Piracy Rampage Novell's raid on the Red October BBS on August 7, 1991 was the latest in a 2 year on going anti-piracy venture. In the same week as the Red October bust, The Original Wishlist BBS in Redondo Beach, California was also raided. In April, Novell sued seven resellers in five states that were accused of illegally selling NetWare. In the fall of last year they seized the computer equipment of two men in Tennessee accused of reselling NetWare over BBSs. According to David Bradford, senior vice president and general counsel at Novell and chairman of the Copyright Protection Fund of the Software Publisher's Association, the crack down on software piracy has paid off. From: Steve Merenkov I'm the Ex-Sysop of the Red October BBS. This is the BBS that was busted by NOVELL on 8/7/91. Many have expressed that they would like to make a contribution to my legal defense against NOVELL. I have made arrangements with my Attorney to do this. So please send anything you can spare to: Steve Merenkov Defense Fund C/O Jerry G. Wright, Attorney Flerh, Hohbach, Test, Albrittion & Herbert Four Embarcadero Center, Suite 3400 San Francisco, CA 94111 Make any Checks, Money Orders payable to: Flehr, Hohbach, Test, Albritton & Herbert They have set up a trust fund for my defense and all proceeds will be used will be used for that purpose. This is a Precedent setting case and has been filed in Federal Court. To say the least, at $300 an hour these lawyers aren't cheap! So help protect your rights and mine, send what you can... Thanks, Steve Merenkov You can also leave a message for me at SkyNET 415-275-6607 HST 14.4 (Information Provided by Stickman) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ==Phrack Classic== Volume Three, Issue 33, File #10 of 10 KL ^*^ KL ^*^ KL ^*^ KL ^*^ KL K N I G H T L I N E Issue 002 / Part 2 First of September, 1991 Written, compiled, and edited by Crimson Death KL ^*^ KL ^*^ KL ^*^ KL ^*^ KL --- The following is a article written by Bruce Sterling about his journey into the underground at CyberView '91 in St. Louis. This Article can also been seen in Details men's magazine. Bruce Sterling bruces@well.sf.ca.us They called it "CyberView '91." Actually, it was another "SummerCon" -- the traditional summer gathering of the American hacker underground. The organizer, 21 year old "Knight Lightning," had recently beaten a Computer Fraud and Abuse rap that might have put him in jail for thirty years. A little discretion seemed in order. The convention hotel, a seedy but accommodating motor-inn outside the airport in St Louis, had hosted SummerCons before. Changing the name had been a good idea. If the staff were alert, and actually recognized that these were the same kids back again, things might get hairy. The SummerCon '88 hotel was definitely out of bounds. The US Secret Service had set up shop in an informant's room that year, and videotaped the drunken antics of the now globally notorious "Legion of Doom" through a one-way mirror. The running of SummerCon '88 had constituted a major count of criminal conspiracy against young Knight Lightning, during his 1990 federal trial. That hotel inspired sour memories. Besides, people already got plenty nervous playing "hunt the fed" at SummerCon gigs. SummerCons generally featured at least one active federal informant. Hackers and phone phreaks like to talk a lot. They talk about phones and computers -- and about each other. For insiders, the world of computer hacking is a lot like Mexico. There's no middle class. There's a million little kids screwing around with their modems, trying to snitch long-distance phone-codes, trying to swipe pirated software -- the "kodez kidz" and "warez doodz." They're peons, "rodents." Then there's a few earnest wannabes, up-and-comers, pupils. Not many. Less of 'em every year, lately. And then there's the heavy dudes. The players. The Legion of Doom are definitely heavy. Germany's Chaos Computer Club are very heavy, and already back out on parole after their dire flirtation with the KGB. The Masters of Destruction in New York are a pain in the ass to their rivals in the underground, but ya gotta admit they are heavy. MoD's "Phiber Optik" has almost completed his public-service sentence, too... "Phoenix" and his crowd down in Australia used to be heavy, but nobody's heard much out of "Nom" and "Electron" since the Australian heat came down on them. The people in Holland are very active, but somehow the Dutch hackers don't quite qualify as "heavy." Probably because computer-hacking is legal in Holland, and therefore nobody ever gets busted for it. The Dutch lack the proper bad attitude, somehow. America's answer to the Dutch menace began arriving in a steady confusion of airport shuttle buses and college-kid decaying junkers. A software pirate, one of the more prosperous attendees, flaunted a radar-detecting black muscle-car. In some dim era before the jet age, this section of St Louis had been a mellow, fertile Samuel Clemens landscape. Waist-high summer weeds still flourished beside the four-lane highway and the airport feeder roads. The graceless CyberView hotel had been slammed down onto this landscape as if dropped from a B-52. A small office-tower loomed in one corner beside a large parking garage. The rest was a rambling mess of long, narrow, dimly lit corridors, with a small swimming pool, a glass-fronted souvenir shop and a cheerless dining room. The hotel was clean enough, and the staff, despite provocation, proved adept at minding their own business. For their part, the hackers seemed quite fond of the place. The term "hacker" has had a spotted history. Real "hackers," traditional "hackers," like to write software programs. They like to "grind code," plunging into its densest abstractions until the world outside the computer terminal bleaches away. Hackers tend to be portly white techies with thick fuzzy beards who talk entirely in jargon, stare into space a lot, and laugh briefly for no apparent reason. The CyberView crowd, though they call themselves "hackers," are better identified as computer intruders. They don't look, talk or act like 60s M.I.T.-style hackers. Computer intruders of the 90s aren't stone pocket-protector techies. They're young white suburban males, and look harmless enough, but sneaky. They're much the kind of kid you might find skinny-dipping at 2AM in a backyard suburban swimming pool. The kind of kid who would freeze in the glare of the homeowner's flashlight, then frantically grab his pants and leap over the fence, leaving behind a half-empty bottle of tequila, a Metallica T-shirt, and, probably, his wallet. One might wonder why, in the second decade of the personal-computer revolution, most computer intruders are still suburban teenage white whiz-kids. Hacking-as-computer-intrusion has been around long enough to have bred an entire generation of serious, heavy-duty adult computer-criminals. Basically, this simply hasn't occurred. Almost all computer intruders simply quit after age 22. They get bored with it, frankly. Sneaking around in other people's swimming pools simply loses its appeal. They get out of school. They get married. They buy their own swimming pools. They have to find some replica of a real life. The Legion of Doom -- or rather, the Texas wing of LoD -- had hit Saint Louis in high style, this weekend of June 22. The Legion of Doom has been characterized as "a high-tech street gang" by the Secret Service, but this is surely one of the leakiest, goofiest and best-publicized criminal conspiracies in American history. Not much has been heard from Legion founder "Lex Luthor" in recent years. The Legion's Atlanta wing, "Prophet," "Leftist," and "Urvile," are just now getting out of various prisons and into Georgia halfway-houses. "Mentor" got married and writes science fiction games for a living. But "Erik Bloodaxe," "Doc Holiday," and "Malefactor" were here -- in person, and in the current issues of TIME and NEWSWEEK. CyberView offered a swell opportunity for the Texan Doomsters to announce the formation of their latest high-tech, uhm, organization, "Comsec Data Security Corporation." Comsec boasts a corporate office in Houston, and a marketing analyst, and a full-scale corporate computer-auditing program. The Legion boys are now digital guns for hire. If you're a well-heeled company, and you can cough up per diem and air-fare, the most notorious computer-hackers in America will show right up on your doorstep and put your digital house in order -- guaranteed. Bloodaxe, a limber, strikingly handsome young Texan with shoulder-length blond hair, mirrored sunglasses, a tie, and a formidable gift of gab, did the talking. Before some thirty of his former peers, gathered upstairs over styrofoam coffee and canned Coke in the hotel's Mark Twain Suite, Bloodaxe sternly announced some home truths of modern computer security. Most so-called "computer security experts" -- (Comsec's competitors) -- are overpriced con artists! They charge gullible corporations thousands of dollars a day, just to advise that management lock its doors at night and use paper shredders. Comsec Corp, on the other hand (with occasional consultant work from Messrs. "Pain Hertz" and "Prime Suspect") boasts America's most formidable pool of genuine expertise at actually breaking into computers. Comsec, Bloodaxe continued smoothly, was not in the business of turning-in any former hacking compatriots. Just in case anybody here was, you know, worrying... On the other hand, any fool rash enough to challenge a Comsec-secured system had better be prepared for a serious hacker-to-hacker dust-up. "Why would any company trust you?" someone asked languidly. Malefactor, a muscular young Texan with close-cropped hair and the build of a linebacker, pointed out that, once hired, Comsec would be allowed inside the employer's computer system, and would have no reason at all to "break in." Besides, Comsec agents were to be licensed and bonded. Bloodaxe insisted passionately that LoD were through with hacking for good. There was simply no future in it. The time had come for LoD to move on, and corporate consultation was their new frontier. (The career options of committed computer intruders are, when you come right down to it, remarkably slim.) "We don't want to be flippin' burgers or sellin' life insurance when we're thirty," Bloodaxe drawled. "And wonderin' when Tim Foley is gonna come kickin' in the door!" (Special Agent Timothy M. Foley of the US Secret Service has fully earned his reputation as the most formidable anti-hacker cop in America.) Bloodaxe sighed wistfully. "When I look back at my life... I can see I've essentially been in school for eleven years, teaching myself to be a computer security consultant." After a bit more grilling, Bloodaxe finally got to the core of matters. Did anybody here hate them now? he asked, almost timidly. Did people think the Legion had sold out? Nobody offered this opinion. The hackers shook their heads, they looked down at their sneakers, they had another slug of Coke. They didn't seem to see how it would make much difference, really. Not at this point. Over half the attendees of CyberView publicly claimed to be out of the hacking game now. At least one hacker present -- (who had shown up, for some reason known only to himself, wearing a blond wig and a dime-store tiara, and was now catching flung Cheetos in his styrofoam cup) -- already made his living "consulting" for private investigators. Almost everybody at CyberView had been busted, had their computers seized, or, had, at least, been interrogated -- and when federal police put the squeeze on a teenage hacker, he generally spills his guts. By '87, a mere year or so after they plunged seriously into anti-hacker enforcement, the Secret Service had workable dossiers on everybody that really mattered. By '89, they had files on practically every last soul in the American digital underground. The problem for law enforcement has never been finding out who the hackers are. The problem has been figuring out what the hell they're really up to, and, harder yet, trying to convince the public that it's actually important and dangerous to public safety. From the point of view of hackers, the cops have been acting wacky lately. The cops, and their patrons in the telephone companies, just don't understand the modern world of computers, and they're scared. "They think there are masterminds running spy-rings who employ us," a hacker told me. "They don't understand that we don't do this for money, we do it for power and knowledge." Telephone security people who reach out to the underground are accused of divided loyalties and fired by panicked employers. A young Missourian coolly psychoanalyzed the opposition. "They're overdependent on things they don't understand. They've surrendered their lives to computers." "Power and knowledge" may seem odd motivations. "Money" is a lot easier to understand. There are growing armies of professional thieves who rip-off phone service for money. Hackers, though, are into, well, power and knowledge. This has made them easier to catch than the street-hustlers who steal access codes at airports. It also makes them a lot scarier. Take the increasingly dicey problems posed by "Bulletin Board Systems." "Boards" are home computers tied to home telephone lines, that can store and transmit data over the phone -- written texts, software programs, computer games, electronic mail. Boards were invented in the late 70s, and, while the vast majority of boards are utterly harmless, some few piratical boards swiftly became the very backbone of the 80s digital underground. Over half the attendees of CyberView ran their own boards. "Knight Lightning" had run an electronic magazine, "Phrack," that appeared on many underground boards across America. Boards are mysterious. Boards are conspiratorial. Boards have been accused of harboring: Satanists, anarchists, thieves, child pornographers, Aryan nazis, religious cultists, drug dealers -- and, of course, software pirates, phone phreaks, and hackers. Underground hacker boards were scarcely reassuring, since they often sported terrifying sci-fi heavy-metal names, like "Speed Demon Elite," "Demon Roach Underground," and "Black Ice." (Modern hacker boards tend to feature defiant titles like "Uncensored BBS," "Free Speech," and "Fifth Amendment.") Underground boards carry stuff as vile and scary as, say, 60s-era underground newspapers -- from the time when Yippies hit Chicago and ROLLING STONE gave away free roach-clips to subscribers. "Anarchy files" are popular features on outlaw boards, detailing how to build pipe-bombs, how to make Molotovs, how to brew methedrine and LSD, how to break and enter buildings, how to blow up bridges, the easiest ways to kill someone with a single blow of a blunt object -- and these boards bug straight people a lot. Never mind that all this data is publicly available in public libraries where it is protected by the First Amendment. There is something about its being on a computer -- where any teenage geek with a modem and keyboard can read it, and print it out, and spread it around, free as air -- there is something about that, that is creepy. "Brad" is a New Age pagan from Saint Louis who runs a service known as "WEIRDBASE," available on an international network of boards called "FidoNet." Brad was mired in an interminable scandal when his readers formed a spontaneous underground railroad to help a New Age warlock smuggle his teenage daughter out of Texas, away from his fundamentalist Christian in-laws, who were utterly convinced that he had murdered his wife and intended to sacrifice his daughter to -- Satan! The scandal made local TV in Saint Louis. Cops came around and grilled Brad. The patchouli stench of Aleister Crowley hung heavy in the air. There was just no end to the hassle. If you're into something goofy and dubious and you have a board about it, it can mean real trouble. Science-fiction game publisher Steve Jackson had his board seized in 1990. Some cryogenics people in California, who froze a woman for post-mortem preservation before she was officially, er, "dead," had their computers seized. People who sell dope-growing equipment have had their computers seized. In 1990, boards all over America went down: Illuminati, CLLI Code, Phoenix Project, Dr. Ripco. Computers are seized as "evidence," but since they can be kept indefinitely for study by police, this veers close to confiscation and punishment without trial. One good reason why Mitchell Kapor showed up at CyberView. Mitch Kapor was the co-inventor of the mega-selling business program LOTUS 1-2-3 and the founder of the software giant, Lotus Development Corporation. He is currently the president of a newly-formed electronic civil liberties group, the Electronic Frontier Foundation. Kapor, now 40, customarily wears Hawaiian shirts and is your typical post-hippie cybernetic multimillionaire. He and EFF's chief legal counsel, "Johnny Mnemonic," had flown in for the gig in Kapor's private jet. Kapor had been dragged willy-nilly into the toils of the digital underground when he received an unsolicited floppy-disk in the mail, from an outlaw group known as the "NuPrometheus League." These rascals (still not apprehended) had stolen confidential proprietary software from Apple Computer, Inc., and were distributing it far and wide in order to blow Apple's trade secrets and humiliate the company. Kapor assumed that the disk was a joke, or, more likely, a clever scheme to infect his machines with a computer virus. But when the FBI showed up, at Apple's behest, Kapor was shocked at the extent of their naivete. Here were these well-dressed federal officials, politely "Mr. Kapor"- ing him right and left, ready to carry out a war to the knife against evil marauding "hackers." They didn't seem to grasp that "hackers" had built the entire personal computer industry. Jobs was a hacker, Wozniak too, even Bill Gates, the youngest billionaire in the history of America -- all "hackers." The new buttoned-down regime at Apple had blown its top, and as for the feds, they were willing, but clueless. Well, let's be charitable -- the feds were "cluefully challenged." "Clue-impaired." "Differently clued...." Back in the 70s (as Kapor recited to the hushed and respectful young hackers) he himself had practiced "software piracy" -- as those activities would be known today. Of course, back then, "computer software" hadn't been a major industry -- but today, "hackers" had police after them for doing things that the industry's own pioneers had pulled routinely. Kapor was irate about this. His own personal history, the lifestyle of his pioneering youth, was being smugly written out of the historical record by the latter-day corporate androids. Why, nowadays, people even blanched when Kapor forthrightly declared that he'd done LSD in the Sixties. Quite a few of the younger hackers grew alarmed at this admission of Kapor's, and gazed at him in wonder, as if expecting him to explode. "The law only has sledgehammers, when what we need are parking tickets and speeding tickets," Kapor said. Anti-hacker hysteria had gripped the nation in 1990. Huge law enforcement efforts had been mounted against illusory threats. In Washington DC, on the very day when the formation of the Electronic Frontier Foundation had been announced, a Congressional committee had been formally presented with the plotline of a thriller movie -- DIE HARD II, in which hacker terrorists seize an airport computer -- as if this Hollywood fantasy posed a clear and present danger to the American republic. A similar hacker thriller, WAR GAMES, had been presented to Congress in the mid-80s. Hysteria served no one's purposes, and created a stampede of foolish and unenforceable laws likely to do more harm than good. Kapor didn't want to "paper over the differences" between his Foundation and the underground community. In the firm opinion of EFF, intruding into computers by stealth was morally wrong. Like stealing phone service, it deserved punishment. Not draconian ruthlessness, though. Not the ruination of a youngster's entire life. After a lively and quite serious discussion of digital free-speech issues, the entire crew went to dinner at an Italian eatery in the local mall, on Kapor's capacious charge-tab. Having said his piece and listened with care, Kapor began glancing at his watch. Back in Boston, his six-year-old son was waiting at home, with a new Macintosh computer-game to tackle. A quick phone-call got the jet warmed up, and Kapor and his lawyer split town. With the forces of conventionality -- such as they were -- out of the picture, the Legion of Doom began to get heavily into "Mexican Flags." A Mexican Flag is a lethal, multi-layer concoction of red grenadine, white tequila and green creme-de-menthe. It is topped with a thin layer of 150 proof rum, set afire, and sucked up through straws. The formal fire-and-straw ritual soon went by the board as things began to disintegrate. Wandering from room to room, the crowd became howlingly rowdy, though without creating trouble, as the CyberView crowd had wisely taken over an entire wing of the hotel. "Crimson Death," a cheerful, baby-faced young hardware expert with a pierced nose and three earrings, attempted to hack the hotel's private phone system, but only succeeded in cutting off phone service to his own room. Somebody announced there was a cop guarding the next wing of the hotel. Mild panic ensued. Drunken hackers crowded to the window. A gentleman slipped quietly through the door of the next wing wearing a short terrycloth bathrobe and spangled silk boxer shorts. Spouse-swappers had taken over the neighboring wing of the hotel, and were holding a private weekend orgy. It was a St Louis swingers' group. It turned out that the cop guarding the entrance way was an off-duty swinging cop. He'd angrily threatened to clobber Doc Holiday. Another swinger almost punched-out "Bill from RNOC," whose prurient hacker curiosity, naturally, knew no bounds. It was not much of a contest. As the weekend wore on and the booze flowed freely, the hackers slowly but thoroughly infiltrated the hapless swingers, who proved surprisingly open and tolerant. At one point, they even invited a group of hackers to join in their revels, though "they had to bring their own women." Despite the pulverizing effects of numerous Mexican Flags, Comsec Data Security seemed to be having very little trouble on that score. They'd vanished downtown brandishing their full-color photo in TIME magazine, and returned with an impressive depth-core sample of St Louis womanhood, one of whom, in an idle moment, broke into Doc Holiday's room, emptied his wallet, and stole his Sony tape recorder and all his shirts. Events stopped dead for the season's final episode of STAR TREK: THE NEXT GENERATION. The show passed in rapt attention -- then it was back to harassing the swingers. Bill from RNOC cunningly out-waited the swinger guards, infiltrated the building, and decorated all the closed doors with globs of mustard from a pump-bottle. In the hungover glare of Sunday morning, a hacker proudly showed me a large handlettered placard reading PRIVATE -- STOP, which he had stolen from the unlucky swingers on his way out of their wing. Somehow, he had managed to work his way into the building, and had suavely ingratiated himself into a bedroom, where he had engaged a swinging airline ticket-agent in a long and most informative conversation about the security of airport computer terminals. The ticket agent's wife, at the time, was sprawled on the bed engaging in desultory oral sex with a third gentleman. It transpired that she herself did a lot of work on LOTUS 1-2-3. She was thrilled to hear that the program's inventor, Mitch Kapor, had been in that very hotel, that very weekend. Mitch Kapor. Right over there? Here in St Louis? Wow. Isn't life strange. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - End of Phrack Classic Issue 33.

---

The views and opinions stated within this web page are those of the author or authors which wrote them and may not reflect the views and opinions of the ISP or account user which hosts the web page. The opinions may or may not be those of the Chairman of The Skeptic Tank.

Return to The Skeptic Tank's main Index page.

E-Mail Fredric L. Rice / The Skeptic Tank